Cyber Threats on the Rise: Invest Now to Boost Power Grid Defenses
Critical infrastructure security is in the national spotlight. In 2020, the power grid and energy sector was the third most targeted sector for cyber-attacks, up from ninth place in 2019, and the threats are growing more sophisticated. The Biden administration recently issued a national security memorandum that sets baseline cybersecurity goals and practices to protect the grid. The memorandum also encourages the deployment of advanced technology for threat visibility, detection, monitoring, and response.
Power and utility companies play a starring role in safeguarding the nation’s infrastructure. As organizations double down on compliance and technology, there are several things to consider amidst a rapidly evolving cybersecurity landscape.
Confidently and compliantly secure your assets
Maintaining compliance with NERC CIP standards is a critical first step in boosting cybersecurity defenses, but only a first step. These mandates were put forth to institute a bare minimum for security. Keeping up with best practices for Transient Cyber Assets (TCAs) (NERC CIP TCA), vulnerability and patch management and assessments (NERC CIP-007/NERC CIP-010), and enterprise patch management (NIST SP 800-40 Rev. 3) is foundational to ongoing cyber protection.
In addition to choosing technology that makes it easier to adhere to these standards through continuous monitoring, quick patch management, and other capabilities, it’s important that the tools you’re using also maintain compliance with these standards.
Make sure any software you’re using to manage your assets and their security exceeds NERC CIP-007-6 R2.2 for timely patch evaluations to ensure compatibility. Also ensure that the software has undergone an authenticity and integrity verification process according to NERC CIP-010-3 R1.6, so you know the system is from a legitimate source and hasn’t been modified.
Invest in transient cyber asset security and patch management
Remote field devices can present major security risks. Transient cyber assets (TCAs) such as tablets, asset testing laptops, and protective relays are often disconnected from the main network, making them a prime channel for spreading malware. Because TCAs come into contact with critical assets regularly, they’re a top security threat if not secured properly.