Cyber Security in Electric Coops
John Hargrove, PE TX
Chief Operating Officer @ Evergreen Technology Solutions, LLC | President, Economic Development
The bad guys are trying to get into the Grid Operational Networks
We have to do the basic cyber security activities: identify, protect, detect, respond, and recover from cyber attacks
Rapid changes in 10 years - From Analog and Legacy Digital to advanced interconnected IP ICS/SCADA networks
What we, the electric coops in East Texas, are doing
The IP network presents new capabilities for reliability and performance and new challenges to ICS/SCADA network security. Sam Houston started a focus on cyber security in late 2016, working to NERC CIP and NIST standards: adding firewalls and monitoring systems, adding awareness training with a SCADA focus, and conducting phishing training campaigns.
Grid Network is different from Enterprise
Focus is on Safety of People, protecting Equipment and Systems
Drivers for Cyber Security Changes
- Threat landscape changes daily
- State Actors (Asia, Russia, China, others)
- Terror Organizations
- Criminal Businesses that Focus on stealing or extortion
- Hacktivists motivated by a cause
The Coop approach we are using
- Basic cyber security activities: Identify, Protect, Detect, Respond, and Recover.
- Threat hunting and baseline documentation is becoming a larger focus
- The question is not IF but WHEN, or whether they HAVE already gotten into the OT network
- NERC CIP compliance improves cyber security, but more is needed
- Threats are constantly evolving on a daily basis
- Threat hunting and behavior baselines are becoming more important
- Awareness Training has to be done
- Deploy firewalls to isolate critical systems at each substation.
- Preparing for medium NERC CIP standards at Control Center.
Enterprise Business Technologies, Strategies & Delivery | CISSP | ITIL
6 years ago: Interested in IP NIST Compliance Framework and SCADA interconnections.?
Founder & CEO at Cogito Innovations | Delivering Solutions without Sacrifice
6 years ago: Great article John! Now you need a good 'ole gov't style acronym to cram your basic cybersecurity activities together (Identify, Protect, Detect, Respond, and Recover)...perhaps RADIRP? RIPRAD?
Senior Vice President, Engineering at NovaTech Automation
6 years ago: Awesome job John!
Great work John Hargrove, PE TX, keep up the fight!
Director, Strategic Accounts at Dragos, Inc.; Cofounder at HOU.SEC.CON; Industrial Cybersecurity and Community Advocate
6 years ago: Great post and excellent start, John! Thanks for sharing - many coops get left behind when they are an easier target...