Power Up: Using AI to Boost Utility Security and Resiliency

Physical security is a non-stop concern for utilities. From menacing physical attacks on power stations to less nefarious events, like teens trespassing in order to go fishing in a reservoir, and well beyond, utilities must be constantly vigilant.

In 2025 and looking ahead, utilities will need to ramp up their physical security initiatives in order to maintain security boundaries and ensure ongoing operations of the essential services they provide. More cameras and sensors, generating more data, have become part of the solution. But with them comes the need for new approaches that streamline the work and make it manageable. A forward-focused approach requires a fresh look at new technologies and the best practices that can support facilities’ security and infrastructure security.

Recognize the Convergence of Physical Security and Cybersecurity
Today’s best practices for physical security are about more than guarding entry to a physical plant. They’re focused on protecting ongoing operations of the site, with a trend toward comprehensive security approaches

Cybersecurity is now an integral element of physical security solutions, with about three-quarters of physical security professionals recognizing cybersecurity as a high or very high priority. Keeping a substation or an entire grid secure requires appropriate cameras for video surveillance and access controls, sensors for environmental monitoring, and appropriate cybersecurity approaches for encryption, authentication, audits, and automation. Secure-by-default architecture of physical security initiatives protects security systems to the fullest extent possible.

The convergence of physical and cyber initiatives is driving best practices for utilities and their surveillance systems. Cloud-based physical security systems help keep pace with risks to the physical facility and its users, while also allowing initiatives to scale. This approach moves beyond the limited, inefficient functionality of traditional on-premises and closed systems.

Legacy systems, which often use port-forwarding to enable remote access, create attack vectors, leaving openings for bad actors to undermine a facility’s security program. Cloud-based security not only provides more secure native access, but it streamlines the scaling and management of physical security, even for thousands of cameras and accessories used for a single location or a group of locations.

Increasingly, regulatory changes are driving and supporting this convergence. For example, the North American Electric Reliability Corporation Critical Infrastructure Protection (NERC CIP) plan, implemented to manage the bulk electric system (BES) in North America, has clear implications for monitoring security and access control. It’s just one of the varied initiatives with which utilities must comply; for example, its cybersecurity framework maps to the best practices detailed by the National Institute of Standards and Technology (NIST) Cybersecurity Framework for cybersecurity and data privacy.

Additional regulations, such as the Cybersecurity Maturity Model Certification (CMMC), detail how any defense industrial base contractors (DIB) contractors must comply with cybersecurity standards issued by the U.S. Department of Defense (DOD). Whether in the context of protecting the BES or any other utility, the need for cybersecurity and physical security initiatives to come together is clear. 

Plan for the Integration of Artificial Intelligence into Utility Security Initiatives
To scale physical security initiatives for utilities, security teams must find efficiencies for managing the massive amounts of data delivered by the monitoring devices. AI offers the potential to modernize, streamline, and transform initiatives.

AI-enabled analytics now make it possible to:

• Prompt physical security systems to instantly locate relevant footage for events such as anytime a human or vehicle approaches a power plant’s locked fence, or gets a certain distance from a water district’s reservoir.
• Automatically detect and categorize security events, with intelligent event recognition that identifies behavior patterns that are unusual for that This can eliminate hours of manual video review, while flagging security threats that merit immediate response.
• Improve facial recognition, speeding identification and delivering greater accuracy about workers’—or intruders’—actions. This can provide insights about unauthorized access, identify movement patterns, and log facility entry/exit.

Utility security teams can create standard operating procedures for striking a balance between human monitoring and AI-powered alerts. A utility can do so by identifying security thresholds that are appropriate for the facility, establishing (and refining, as needed) a list of AI prompts that should be integrated into their processes, and having a review process in place to ensure that the AI prompts are effective in meeting the organization’s needs for security and efficiency, without creating alert fatigue. For example, alerts should be tailored to a user’s particular role. A guard or gate agent may benefit from alerts about a specific entry or lot, while the IT team may need alerts about things such as device disconnections.

Strengthen Incident Investigation & Response
Efficiency is key for incident investigations. When there’s a physical security concern at a utility site, relying on contemporary search capabilities can streamline incident responses and speed resolution. For example, cloud-based security programs allow teams to swiftly gather evidence from video feeds or from environmental monitoring devices. A relevant video clip can be saved, password protected, and made available (with an expiration date, if necessary) and shared by email or phone with the appropriate team, including law enforcement, for a rapid and coordinated response.

Beyond single events, utility sites benefit from cloud-based security through the ability to rapidly search for patterns, drilling into granular data. How frequently did a particular vehicle, or particular driver, approach the wastewater facility or the solar array? Was there a recent deviation in the usual pattern of where that vehicle went within the site?

Similarly, effective records can augment perimeter control initiatives and access control. Cloud-based physical security streamlines the management of facility and building access and credentials. Access-based events can be paired with data from other systems (alarms, cameras, sensors, and other security system integrations) to centralize physical security management.

Looking Ahead…
Physical security for utilities will evolve dynamically in the coming few years. AI will do more; beyond looking for things it’s been trained to identify (trucks, individuals, personal protective equipment, for example), it will be able to report on overall operations and respond to prompts like, “Is everything safe at this facility?” The answers can deliver great efficiencies, saving time and offering opportunities for innovation—but only for the teams that are prepared to use them.

Dave Gustafson is VP of Hardware at Rhombus, an open, cloud-managed physical security platform.