Please contact our Customer Service Team if you are unable to log in at clientservices@accessintel.com or 1-888-707-5814. 
Romanus Prabhu Raymond
Bad actors are quite savvy. Knowing that utility workers are distracted and resources are strained, bad actors like to ramp up their efforts during natural disasters.
While handling these high-pressure situations, information technology (IT) personnel are faced with a challenge on multiple fronts: they have to quickly restore critical services, while simultaneously defending the network against heightened risk of cybersecurity threats.
COMMENTARY
To best prepare for these situations, utility companies should prioritize phishing awareness training, incident and disaster response planning, centralized IT visibility, and effective automation.
Few, if any, regions are immune from natural disasters, and unfortunately, this is when utilities see an influx of phishing attempts. Jean Clarke, a 25-year IT veteran at Gainesville Regional Utilities, explains how natural disasters can create a perfect storm for IT service management.
Said Clarke, “Every place in the country gets some kind of natural disaster—be it hurricanes here in Florida, snowstorms in the north, fires in California. And when those disasters happen, everybody is more focused on getting things fixed than being cautious with technology. That’s generally when we find that our phishing attempts go up. But what we’ve found is that with the cybersecurity training and the phishing attempts we do all year long, people are very aware.”
With phishing attempts spiking during natural disaster emergencies, it’s vital that employees receive effective phishing awareness training. In fact, utility workers should be cognizant of the very fact that phishing attempts increase during disasters.
Short, frequent, and year-round training sessions will help to instill a healthy dose of skepticism in all employees. While simulating phishing attacks, be sure to use realistic correspondence with common lures, such as password reset requests, shipping notices, or invoices. Also, be sure to incorporate different modes of delivery, such as business email compromise, QR code, SMS, and voice phishing.
Through adequate training, utility workers will be on the lookout for phishing attempts during high-stakes events, and over time, a healthy skepticism will become second nature.
When natural disasters strike, time and resources are constrained, so having IT service management tools consolidated in one location makes IT administrators’ lives much easier.
Clarke said, “People are out in the field. There are power lines down, trees down. They’re trying to get power back on, get water flowing, make sure we don’t have wastewater issues. The consolidation of tools is critical. If you can look at everything in one pane of glass, instead of having to look at six or seven panes of glass, it’s a whole lot easier to clean things up as quickly as possible.”
IT personnel should not have to waste valuable time switching between dashboards to view the state of corporate assets and systems. In a unified dashboard, one can assess IT system health, endpoint health, workforce availability, and importantly—various alerts.
A unified operational view saves time and allows actions to be prioritized based on real-time data. By looking at a single pane of glass, as Clarke describes it, one can effectively, rapidly—and holistically—assess the situation.
In order to quickly restore service, meet regulatory obligations, and prevent additional outages, it is vital to an effective incident response plan (IRP) and a disaster response plan (DRP) in place.
For utility companies that operate bulk electric system assets, an IRP is legally mandated according to NERC Critical Infrastructure Protection, or CIP, requirements. However, municipal utility providers should follow the same practices as their larger counterparts.
Within the utility’s corporate organization chart, individuals should be assigned clear roles and responsibilities during a disaster. Additionally, the companies’ response should be coordinated with the relevant state emergency management agencies and public utility commissions.
Generally speaking, there should be a series of predefined restoration priorities for hospitals, wastewater facilities, and emergency services. After these services are restored, utilities should have processes in place to communicate with regulators, emergency officials, and the public.
Put simply, when disaster strikes, an effective recovery plan is vital to maintain public trust and a healthy cybersecurity posture.
AI-assisted monitoring and automation can support IT response teams by improving visibility, reducing manual effort, and enabling faster responses during disruptive events.
Through the use of automation, IT personnel can more easily identify, correlate, and escalate critical issues in real-time, allowing them to act quickly. All anomalous behavior on the network should be flagged, and alerts should be triggered.
To prevent alert fatigue, IT personnel should preemptively ensure that only important alerts are flagged. Events such as application failures, server outages, unauthorized remote access attempts, and privilege escalation efforts should all trigger alerts.
Depending on the situation, alerts can be set to trigger ticket creation or account lockouts. To give a couple quick examples, perhaps there is an unauthorized device access attempt, or an influx of phishing emails related to hurricane evacuation are entering the network—such events should trigger important alerts for IT personnel.
As long as this behavioral anomaly detection and alert automation is frequently tested and proven to be accurate, it can save response team workers a great deal of time when they need it most.
Through year-round security awareness training, centralized IT visibility, a bevy of automated alerts, and effective response plans in place, utility companies can keep their networks safe and respond quickly when natural disasters strike.
Year-round phishing attack training can cultivate a healthy level of skepticism throughout the organization; so when the phishing attempts pour in during a disaster, employees are prepared.
Lastly, by using a consolidated IT monitoring platform with behavioral anomaly detection and automated alerts, IT administrators can make decisions quickly and deftly during these times of crisis.
—Romanus Prabhu Raymond is a seasoned IT leader with more than 20 years of expertise in Unified Endpoint Management and cybersecurity. As Director of Technology at ManageEngine, a division of Zoho Corp., he oversees the complete customer journey while heading product evangelism, professional services, partner certification, and customer success initiatives.
Modern process industries are experiencing fluctuating market conditions and tight operational margins, leading chemical engineers to rely on real-time data to boost efficiency and reduce costs. Yet, many organizations are at different stages in their digital transformation journey. Some are just starting, while others are looking to optimize existing solutions. This webinar explores practical ways […]
Sponsored by dataPARC
Sponsored by RENTECH
Sponsored by technosylva
The inaugural Data Center POWER eXchange brought the data center power ecosystem together in Denver for a focused, one-day summit on the infrastructure shaping the future of digital growth. From site selection and development to operations and forward planning, DPX connected leaders across data center ownership, utilities, engineering, power generation, and technology. Watch to see […]
archives + podcasts + webinars + e-letters + video + exclusive content + events + much more!
For over 142 years, POWER has been the unwavering pillar of the power and energy industry, offering unparalleled insights on the latest trends, best practices, and news through our robust channels: print, digital media, and in-person events.
POWER is at the forefront of the global power market, providing in-depth news and insight on the end-to-end electricity system and the ongoing energy transition. We strive to be the “go-to” resource for power professionals, offering a wealth of information on innovative business practices, sound safety measures, useful productivity enhancements, and much more.
Sept. 28—30, 2026
Omni Shoreham
Washington, D.C.
Learn More
Trends, best practices, and news through: print, digital media, and in-person events. Subscribe
Exclusive E-letters to POWER up your knowledge. Sign up
© 2026 Access Intelligence, LLC – All Rights Reserved
When the Levee Breaks: Managing Cybersecurity Threats During Natural Disasters – POWER Magazine
Leave a Comment
