With cyberattacks on energy infrastructure rising sharply, utilities are racing to harden their operational technology (OT) networks. Yet the hidden bottleneck isn’t always the firewall, it’s the network itself.
Industry analysts project that enterprise OT cybersecurity budgets will grow nearly 70% from 2023 to 2028, reflecting the urgency to defend critical infrastructure from increasingly sophisticated threats. Utilities are expanding their defenses to include:
Micro-segmentation for isolating critical assets
Network Access Control (NAC) and Privileged Access Management (PAM)
Encrypted tunnels such as IPSec and DTLS
Intrusion Detection Systems (IDS) and AI-driven Anomaly Detection
Identity and Access Management (IAM)
Each layer is critical for defending critical infrastructure—but there is a tradeoff in the form of bandwidth consumption, latency, processing power and storage demands.
Cybersecurity is built into the network
“Cybersecurity isn’t just a software challenge—it’s also a network performance challenge,” said Susan Herman, head of strategy and global industrial cybersecurity at Black & Veatch.
Even basic protections like encryption and authentication protocols can add latency and consume bandwidth—costing utilities availability, reliability and money. As OT systems become more complex, every millisecond of delay and megabyte of usage matters.
Utility private LTE (pLTE) and 5G networks are sought after for their control, reliability and low-latency performance. Private, licensed wireless networks offer several advantages over public networks, including protocol native features such as network slicing for zero trust, intrusion and anomaly detection, and over-the-air updates. As utilities modernize their infrastructure, balancing stringent cybersecurity requirements with the realities of network performance becomes increasingly complex. Each protective layer, while essential for defending critical assets, has a tangible impact on system resources and operational efficiency.
“Utilities must be cognizant of the additional overhead introduced by encryption, monitoring and authentication protocols to control the attack surface, because every millisecond of latency and every megabyte of bandwidth impact the cost and effectiveness of securing the grid.” said Herman.
The 800 MHz spectrum advantage for utility networks
Not all private LTE or 5G networks are created equal. Deployments using 800 MHz spectrum (Band 26) stand apart in enabling secure and efficient OT operations.
Compared to higher-frequency spectrum available to utilities,800 MHz offers:
Deeper penetration into substations, vaults and rural AMI poles
Greater link stability for encrypted connections
Wider channel bandwidth for secure communications (QoS, VPNs, segmentation)
Fewer base stations required, simplifying RAN security and monitoring
Improved signal quality with higher signal-to-noise ratios and fewer reflections
Why 800 MHz matters for OT cybersecurity
Leveraging 800 MHz reduces performance degradation from strong security controls such as:
Encrypted VPN tunnels (IPSec, DTLS)
Deep Packet Inspection (DPI)
Real-time IDS logging and alerting
Multi-factor authentication (EAP-TLS, SIM-based)
Streaming Security Information and Event Management Systems (SIEM) logs from remote OT sites
From a cybersecurity perspective, more bandwidth enables:
Encryption overhead (10–30% payload increase) is absorbed without throttling traffic.
Zero Trust segmentation can use additional routing hops or VLAN tags without lag.
IDS and DPI firewalls can inspect packets and forward alerts in real time without choking the network.
Multi-factor authentication handshakes complete more reliably.
SIEM and over-the-air updates can stream continuously without disrupting operations.
Backed by real-world testing and cyber risk quantification with FAIR
DFND Security is collaborating with Black & Veatch to benchmark the cybersecurity performance of private LTE and 5G solutions using the 800 MHz Band 26 spectrum.
“In short, 800 MHz provides up to twice the bandwidth of other low-band options,” said Geoffrey Poer, CISO at DFND Security. “More bandwidth means more headroom—giving utilities the capacity to deploy essential cybersecurity measures without compromising speed, reliability, or scalability.”
DFND and Black & Veatch are also working together to build a Cyber Risk Quantification model using FAIR (Factor Analysis of Information Risk). This enables utility executives to quantify cyber risks in financial terms with an Annual Loss Exposure (ALE) dollar amount, enabling smarter investment decisions and aligning cybersecurity with business priorities
The Bottom Line
As utilities modernize grid systems, connectivity alone isn’t enough. The future depends on secure, resilient, and cyber-ready networks that can support advanced defenses without sacrificing performance.
With its unique combination of coverage, capacity, and control, 800 MHz Private LTE gives utilities the foundation to build Zero Trust architectures, maintain real-time reliability, and scale securely into the next generation of energy infrastructure.
