Cyber Security in Electric Coops
IEEE REPC 2018 Memphis TN

The bad guys are trying to get into the Grid Operational Networks.

We have to do the basic cyber security activities: identify, protect, detect, respond, and recover from cyber attacks.

Rapid changes in 10 years: from analog and legacy digital to advanced interconnected IP ICS/SCADA networks

What we, the electric coops in East Texas, are doing

The IP network presents new capabilities for reliability and performance, and new challenges to ICS/SCADA network security. Sam Houston started a focus on cyber security in late 2016, working to NERC CIP and NIST standards: adding firewalls and monitoring systems, adding awareness training with a SCADA focus, and conducting phishing training campaigns.

Grid Network is different from Enterprise

Focus is on Safety of People, protecting Equipment and Systems

Drivers for Cyber Security Changes

  • Threat landscape changes daily
  • State Actors (Asia, Russia, China, others)
  • Terror Organizations
  • Criminal Businesses that Focus on stealing or extortion
  • Hacktivists motivated by a cause

The Coop approach we are using

  • Basic cyber security activities: Identify, Protect, Detect, Respond, and Recover.
  • Threat hunting and baseline documentation is becoming a larger focus
  • The question is not IF but WHEN or HAVE they already gotten into the OT network
  • NERC CIP compliance improves cyber security, but more is needed
  • Threats are constantly evolving on a daily basis
  • Threat hunting and behavior baselines are becoming more important
  • Awareness Training has to be done
  • Deploy firewalls to isolate critical systems at each substation.
  • Preparing for medium NERC CIP standards at Control Center.






Bruce Speyer

Enterprise Business Technologies, Strategies & Delivery | CISSP | ITIL

6 years ago

Interested in IP NIST Compliance Framework and SCADA interconnections.?

Joshua Simmons, P.E.

Founder & CEO at Cogito Innovations | Delivering Solutions without Sacrifice

6 years ago

Great article John! Now you need a good 'ole gov't style acronym to cram your basic cybersecurity activities together (Identify, Protect, Detect, Respond, and Recover)...perhaps RADIRP? RIPRAD?

Jeremy Anderson

Senior Vice President, Engineering at NovaTech Automation

6 years ago

Awesome job John!

Sam Van Ryder

Director, Strategic Accounts at Dragos, Inc.; Cofounder at HOU.SEC.CON; Industrial Cybersecurity and Community Advocate

6 years ago

Great post and excellent start, John! Thanks for sharing - many coops get left behind when they are an easier target...

More articles by John Hargrove, PE TX