Fieldman Blog

Three Steps Companies Should Take to Prepare for a Ransomware Attack

Best Practices

Cybersecurity should be at the core of any digital asset management strategy, especially when a utility vendor is searching for an efficient platform to perform a meter replacement project.


Rising cyber and physical threats are two of the major business disruptors today, warns Deloitte in its report, "Building the backbone of the energy transformation." There are no signs that cyber-attacks will disappear or even slow down any time soon. Unfortunately, the complete opposite is true. Experts are calling on all businesses to prepare for a variety of coercion strategies. A new ransomware attack happens every 11 seconds, warns Harvard Business Review.

The intention of bad actors is to damage power infrastructure assets and disrupt grid operations. The University of Cambridge Center for Risk Studies estimated that in 2015 a successful cyberattack on the US power grid could cost between $243 billion and one trillion. Five years later, the industry was affected by a major cyberattack on SolarWinds. According to the North American Electric Reliability Corp., about 25% of power utilities were exposed to the SolarWinds hack.

How do cyber threats affect field operations? The most obvious way is through lost revenue due to work stoppages. If backup restores don't work, utility vendors may have to pay a significant ransom to regain access to their data.

These factors are colossal business risks, and utility vendor executives and IT managers cannot ignore them. To help vendors start their digital transformation journeys, Fieldman highlighted three practical steps that companies should take to prepare their teams for a ransomware attack.

1. Back up all data and frequently test your backup systems by restoring everything. This way, if you become a victim of a ransomware attack, the attacker would not have any leverage. The crucial nuance is not to assume your backup is working and to check the restore process frequently. Most companies have a backup strategy but have never tested a full restore. Think about the US Army; soldiers must practice shooting a target day after day to prepare for the invasion that may never come.

2. Transfer your data to a cloud platform like Google, Azure (Microsoft), or AWS (Amazon). Cloud providers make it easy to keep up with security updates. Cybersecurity threats could come from any angle, but hackers usually scan for easy targets like unpatched servers and well-known security bugs and holes. If your software is up to date, the chances of you being a target are much lower.

3. Another good way to lower your risk is to compartmentalize data. For example, instead of adding all projects to one server, use a separate docker container (virtual servers) for each project and host them on different virtual networks. This way, your operations will not be paralyzed if there is an issue with a server.

Collaborate with your clients and vendors and discuss cyber security strategies openly and honestly. Work as a team and build up the confidence that all components are well protected. Choose a cloud-based field management platform like Fieldman because it was designed with cyber security in mind. Its architecture reduces the attack surface, making it much safer. We are experts at all the necessary tools like two-step authentication, secure protocols, and other features.