The winter reminds us of a somewhat forgotten reality: the continuity of electricity, heating, gas, or services operated by critical infrastructure is never guaranteed. In times of heightened geopolitical tension, energy networks become not only a prime target, but also a potential multiplier of chaos. In terms of security, the issue is therefore no longer just about protecting systems, but about maintaining operational continuity, limiting the domino effect, and ensuring structural resilience capable of absorbing even a serious incident.
The operational security of critical infrastructure no longer relies solely on prevention or isolated technical measures. It requires a systemic approach, combining resilience engineering, intelligent segmentation, coordination between actors, frequent simulations, and the ability to restore services under degraded conditions.
In this second part of our series, we will attempt to analyze how best to ensure the security of this critical domain.
Energy operators have long thought of security as a compartmentalized issue, focused on IT systems. However, service continuity encompasses the entire ecosystem: industrial control, logistics, remote transmission, suppliers, subcontractors, high-voltage substations, sensors, and even the human management of repair and maintenance teams. An attack no longer aims solely to infiltrate a system, but to disrupt a set of interdependent processes.
A robust policy must include:
Each of these steps helps to ensure that a digital failure does not turn into a human or economic disaster. To achieve this, resilience can no longer be thought of in terms of isolated actions; it must become a true fabric.
Segmentation is one of the most critical pillars. It is also one of the most often poorly implemented. Energy infrastructures often inherit historical architectures, built up over decades, in which all networks are interconnected, sometimes invisibly. Such a configuration allows an attacker to move around more easily once they have gained access.
There are generally three levels of segmentation:
The goal is not only to prevent an attack, but also to contain its impact. Successful segmentation is not necessarily aimed at stopping intrusions, but it transforms a potentially massive attack into a localized incident, allowing the consequences to be distributed and absorbed, and thus minimized.
In addition, segmentation must be accompanied by very strict access policies. In winter, teams in the field, sometimes faced with difficult conditions, may be tempted to circumvent restrictions to save time. Resilience therefore requires a constant balance between security and operability, so that the system does not become unnecessarily rigid while the protection it provides is preserved.
Operational resilience should never be confused with redundancy. Having two identical systems does not guarantee that one will survive an attack that exploits a common vulnerability. True resilience involves diversity in mechanisms, technologies, suppliers, and response procedures.
Energy operators must therefore develop several layers:
A best practice is to document break points which, if compromised, lead to cascading failures. In an energy system, these break points can be a transformer station, a remote control interface, a single sensor supplier, or even a simple unencrypted protocol connecting two industrial subsystems.
Resilience also requires the modernization of aging technologies. Much of the infrastructure still operates on unsecured protocols, which are sometimes impossible to update without replacing an entire industrial chain. This budgetary and logistical challenge is one of the central issues in energy cybersecurity. It is not a question of replacing everything, but of prioritizing vital areas, isolating the oldest systems so that they do not constitute entry points, and strengthening peripheral defenses to avoid a domino effect as much as possible.
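As an added illustration, not part of the original article, the following Python model puts two of the points above side by side: zone policies shrink what an intruder's foothold can reach (the "localized incident" rather than the massive one), and a dependency graph makes the break points visible, the components whose loss cascades into several services. The topology, zone names, permitted flows and dependencies are all constructed for the example and do not describe any real operator.

```python
"""Blast-radius and break-point analysis of a constructed OT topology (example code)."""
from collections import deque

# --- Constructed sample data ------------------------------------------------------
# Reachability in an inherited "flat" architecture: node -> nodes it can talk to.
FLAT_NETWORK = {
    "corporate-it":   {"historian", "scada-hmi", "engineering-ws"},
    "historian":      {"corporate-it", "scada-hmi"},
    "engineering-ws": {"scada-hmi", "plc-sub-a", "plc-sub-b"},
    "scada-hmi":      {"historian", "plc-sub-a", "plc-sub-b", "rtu-field"},
    "plc-sub-a":      {"rtu-field"},
    "plc-sub-b":      {"rtu-field"},
    "rtu-field":      set(),
}

# Hypothetical zone assignment: IT / DMZ / control / field.
ZONES = {
    "corporate-it": "it", "historian": "dmz",
    "engineering-ws": "control", "scada-hmi": "control",
    "plc-sub-a": "field", "plc-sub-b": "field", "rtu-field": "field",
}

# Cross-zone flows the zone firewalls permit, as (source_zone, destination_zone).
ALLOWED_FLOWS = {("it", "dmz"), ("control", "dmz"), ("control", "field")}

# Dependency graph: what each service or component relies on directly.
SERVICES = {"district-heating", "substation-b-load", "grid-telemetry"}
DEPENDS_ON = {
    "district-heating":  {"plc-sub-a"},
    "substation-b-load": {"plc-sub-b"},
    "grid-telemetry":    {"scada-hmi"},
    "plc-sub-a":         {"rtu-field", "scada-hmi"},
    "plc-sub-b":         {"rtu-field", "scada-hmi"},
    "rtu-field":         {"sensor-vendor-x"},   # a single supplier for all field sensors
    "scada-hmi":         set(),
    "sensor-vendor-x":   set(),
}


def apply_zone_policy(network, zones, allowed_flows):
    """Keep only the edges that survive zone enforcement.

    Intra-zone traffic is left untouched; a cross-zone edge survives only if the
    (source_zone, destination_zone) pair is explicitly permitted.
    """
    return {
        src: {dst for dst in dsts
              if zones[src] == zones[dst] or (zones[src], zones[dst]) in allowed_flows}
        for src, dsts in network.items()
    }


def blast_radius(network, foothold):
    """Nodes reachable from `foothold` by following permitted edges (breadth-first)."""
    seen, queue = {foothold}, deque([foothold])
    while queue:
        node = queue.popleft()
        for nxt in network.get(node, ()):
            if nxt not in seen:
                seen.add(nxt)
                queue.append(nxt)
    seen.discard(foothold)
    return seen


def transitive_deps(depends_on, node):
    """Everything `node` relies on, directly or through intermediate components."""
    result, stack = set(), list(depends_on.get(node, ()))
    while stack:
        dep = stack.pop()
        if dep not in result:
            result.add(dep)
            stack.extend(depends_on.get(dep, ()))
    return result


def break_points(depends_on, services, threshold=2):
    """Components whose loss cascades into at least `threshold` services.

    Returns (component, [affected services]) pairs, widest impact first.
    """
    impact = {}
    for comp in set(depends_on) - set(services):
        hit = sorted(s for s in services if comp in transitive_deps(depends_on, s))
        if len(hit) >= threshold:
            impact[comp] = hit
    return sorted(impact.items(), key=lambda kv: (-len(kv[1]), kv[0]))


if __name__ == "__main__":
    segmented = apply_zone_policy(FLAT_NETWORK, ZONES, ALLOWED_FLOWS)
    for label, net in (("flat", FLAT_NETWORK), ("segmented", segmented)):
        print(f"{label:9s} foothold on corporate-it reaches:",
              sorted(blast_radius(net, "corporate-it")))
    print("break points (cascade into >= 2 services):")
    for comp, hit in break_points(DEPENDS_ON, SERVICES):
        print(f"  {comp:16s} -> {', '.join(hit)}")
```

In the constructed topology a foothold on the corporate network reaches every field device when the architecture is flat, but only the DMZ historian once the zone policy is applied. The break-point list ranks the single SCADA HMI and the single sensor supplier above any individual PLC, which is exactly the kind of documentation the paragraph above calls for: the items to isolate, diversify or modernize first.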
Incident simulation is undoubtedly the most powerful tool for containing crises, yet it is also the most underused. Many operators conduct annual exercises, often focused on compliance, with predictable and controlled scenarios. However, today’s attacks are designed to thwart precisely what is anticipated. A credible simulation must:
The goal is to detect invisible flaws. A well-executed simulation always reveals surprises: undeclared dependencies, forgotten configurations, lack of updated documentation, or incompatibility between theoretical procedures and reality in the field.
The energy winter imposes an additional constraint: an extreme cold snap can saturate the network, and a cyberattack coinciding with a physical incident places further strain on the systems. Exercises must therefore consider combined crises.
No technical strategy can compensate for an organization that does not understand the logic of continuity. Operators must train their teams not only in IT security, but also in decision-making in degraded situations, particularly in prioritizing tasks in an emergency.
A culture of continuity also involves recognizing that in certain situations, the priority is no longer protecting the system, but protecting people and preserving the physical infrastructure.
Teams must sometimes be prepared to take certain systems offline, shut down processes, and isolate entire segments of the network, even if this results in a temporary loss of service. Continuity also means the ability to regain control quickly and effectively after a shutdown.
Come back in mid-January, after the holidays, for our retrospective of the year 2025. In the meantime, if you have a movie, TV series, software, or e-book that you want to protect, don’t hesitate to call on our services by contacting one of our account managers. PDN has been a pioneer in cybersecurity and anti-piracy for over ten years, and we’re sure to have a solution to help you. Happy reading, and see you soon!