Designed to help customers better manage their power and improve energy efficiency, these meters could allow users to under-report energy use or use someone else’s ID to pay their bill.
One of the main problems was that the devices were sat in people’s homes and were not under the control of power firms.
“If you physically own a piece of hardware you can compromise it,” said Greg Jones, security investigator.
Securing your company’s assets is one of the fundamental issues for maintaining cyber security.
The utility company in question (they asked not to be named) needs an information security management system (ISMS) that addresses people, processes and technology in a single, cohesive package.
ISO27001 is the internationally recognised information security standard that covers the three major facets of cyber security. It offers a security system that is strategic as well as operational, encompassing people, processes and IT systems.
The ISO27001 Get A Little Help package from IT Governance offers all the resources and guidance you need to implement an ISO 27001-compliant ISMS. It is a perfect solution for organisations that already have some experience with management systems. Find out more >>
Millions of these smart meters are set to be installed in Spain before 2018; we just hope that the utility company can adjust its cyber security measures before then.
If you want further information on information security and ISO27001, download our free green paper here.