Saturday, May 31, 2025
  • Privacy Policy
  • Contact
  • Terms & Conditions
Environmental Magazine
Advertisement
  • Home
  • News
  • Climate Change
  • Energy
  • Recycling
  • Air
  • Fossil Fuels
  • Water
No Result
View All Result
Environmental Magazine
  • Home
  • News
  • Climate Change
  • Energy
  • Recycling
  • Air
  • Fossil Fuels
  • Water
No Result
View All Result
Environmental Magazine
No Result
View All Result
Home News

Data defence: Reflections on the recent water industry cyber-attacks

February 27, 2024
in News
A A

Matt Eustace, Data Protection Officer at UK AI firm Aiimi, which works with a number of water companies on cyber-security, offers perspective on recent events, and advice on making data watertight against such attacks.

Last month, not one, but two major water companies were the victims of ransomware attacks. Veolia North America, in the US, and Southern Water, in the UK, both suffered data breaches as a consequence of the attacks, with the Black Basta ransomware group claiming responsibility for the Southern Water raid. Southern Water has since confirmed that data belonging to 5-10% of its customers has been stolen as a result.

Public services and infrastructure have become a popular target among cybercriminals in recent years. From the infamous 2022 Colonial Pipeline attack (which caused the US government to invoke emergency powers to avoid fuel shortages), to last autumn’s British Library breach and a series of attacks on NHS organisations – incidents are plentiful and painful. The size of this threat is only set to grow, as warned in a new government report, with AI tools enabling cybercriminals to increase the scale and severity of their attacks.

Despite the increasing cyber threat, the importance of data held by public services cannot be underestimated. For instance, water companies hold vast amounts of information that contain crucial insights into service use and impact. To this end, Ofwat has been calling on water companies to engage in open data practices to better utilise this information: data sharing that would boost transparency and consumer trust, help establish new business models and services (that could especially benefit vulnerable customers), improve decision making and help meet environmental
challenges.

Of course, there’s a fine balance to strike between making the best use of data and pursuing innovation, whilst upholding the safety and security of critical national infrastructure. How, then, can water companies utilise data whilst protecting it from the designs of cybercriminals?

Shoring up your data
The first step in successfully securing data is understanding it. Organisations who are serious about security will run a firmwide data audit, to understand the scope and nature of the data they’ll have to manage, and to discover any data that’s been stored and forgotten about. Organisations evolve, adopting new and retiring old technology, introducing new systems and information via mergers and acquisitions, and seeing employees come and go. This means that if there’s no system in place to manage data,

it’s easy to lose track of all the information a company holds. Once the full scope of data being handled is revealed, the next step is to structure that data. This means identifying out-of-date information that needs to be updated, labelling any sensitive information, and categorising data for easy future retrieval. Not only does this ensure companies are efficiently working with accurate information, it also means that all sensitive data – including the personally identifiable information which is hugely attractive to hackers – can be separated out and given the full protection it needs.

Employee passport photos held by HR departments are a very different type of data to the readings coming from site sensors. Both should be protected, but the data will need to be treated differently. Once the data has been categorised, companies then need to review access. It’s important employees are given easy access to the information they need to do their job and aren’t being siloed – this is how mistakes can occur.

But it’s also crucial only the users that need that data can get to it. A common way cyberattacks occur is through phishing attacks: trying to trick users via increasingly sophisticated tactics into clicking on malicious links, for example, and allowing cybercriminals into a network. Part of protecting against this is through regular employee training. But another important pillar of protection is being strict about who can access what, and having stringent security checks to enforce this. An intern shouldn’t have keys to the boardroom.

Continuous monitoring
The issue is that this process of organising data can’t be a one-off occurrence. New data will be continuously coming in, and continually sorting, labelling and storing it correctly is a huge task.

It’s a challenge for organisations like water companies, who are dealing with data en masse, in particular. This is where AI comes in. AI tools can automate data governance, to efficiently and accurately manage the process by which data is scoped out, structured and secured. Specialist AI tools will flag any duplicate or similar versions of files along the way, and even convert sound files into text for greater accessibility and easier use. This means companies can automatically understand the data they have, where it lives, how sensitive it is, what it’s being used for, and who really needs access. And it ensures sensitive information is instantly protected, barricading it against hackers and maintaining compliance with the latest data protection laws.

Automatic data management does more than defend data, however. Cleaned-up data lays the foundation for future AI applications, as the correct information is accessible in the right form for AI tools to instantly understand and process and ROT (Redundant Obsolete and Trivial) or highly sensitive data is kept out of the picture. As water companies embrace AI to help deliver improved services and protect the world’s most precious resource, it’s imperative they have the data management in place to back it up.

The lesson of last month is that public services are very much in the crosshairs of cybercriminals. But this doesn’t mean organisations are completely open to attack. The data malicious actors are after can be effectively safeguarded through thorough automated data governance. Knowing what you have, where it is, and who has access to it is crucial if companies want to keep their information out of hackers’ hands.

ShareTweetSharePinSendShare

Related Articles

News

Thames Water receives £122.7m fine in reported sewage spills crackdown

May 28, 2025
News

Net zero report sets out path to cut carbon and costs for small firms

May 28, 2025
News

Scotland can reach Net Zero by 2045 but needs to step up the pace, says CCC

May 27, 2025
News

1.5°C Paris target too high for polar ice sheets, says new study

May 20, 2025
News

Traffic noise: Time to get serious?

May 20, 2025
News

Research will investigate risk of hidden microbial impact on CO2 storage

May 18, 2025

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

Recommended

The Pope Led Notre Dame Toward Decarbonization. He Hasn’t Influenced the School’s Alabama Coal Investment

January 21, 2025

Planter catches rainwater at railway station

August 2, 2024

Don't miss it

Fossil Fuels

U.S. Steel Is a Major Source of Pollution in Pennsylvania. Will Its Sale Lock in Emissions for Another Generation?

May 30, 2025
Activism

Trump Executive Orders Violate Young People’s Rights to a Stable Climate, a Lawsuit Alleges

May 30, 2025
Fossil Fuels

Supreme Court Backs a Controversial Railroad in Utah for Carrying Oil

May 29, 2025
Energy

Clean Energy Project Cancellations Top $14 Billion So Far in 2025

May 29, 2025
Energy

What Will Tariffs Do to the Energy Economy? Here Are Three Scenarios

May 29, 2025
Fossil Fuels

Pennsylvania Fracking Company Surrenders Water Permits Over Concerns About Stream Flow

May 29, 2025
Environmental Magazine

Environmental Magazine, Latest News, Opinions, Analysis Environmental Magazine. Follow us for more news about Enviroment and climate change from all around the world.

Learn more

Sections

  • Activism
  • Air
  • Climate Change
  • Energy
  • Fossil Fuels
  • News
  • Uncategorized
  • Water

Topics

Activism Air Climate Change Energy Fossil Fuels News Uncategorized Water

Recent News

U.S. Steel Is a Major Source of Pollution in Pennsylvania. Will Its Sale Lock in Emissions for Another Generation?

May 30, 2025

Trump Executive Orders Violate Young People’s Rights to a Stable Climate, a Lawsuit Alleges

May 30, 2025

© 2023 Environmental Magazine. All rights reserved.

No Result
View All Result
  • Home
  • News
  • Climate Change
  • Energy
  • Recycling
  • Air
  • Fossil Fuels
  • Water

© 2023 Environmental Magazine. All rights reserved.

This website uses cookies. By continuing to use this website you are giving consent to cookies being used. Visit our Privacy and Cookie Policy.