Every utility has a collection of technologies, processes and people devoted to protecting their critical assets. The Verification principle is devoted to understanding what makes up a utility’s current defense and finding any gaps and vulnerabilities. Inevitably, utilities’ cyber defenses have many gaps. For instance, it’s common for utilities to have multiple brands of firewalls and routers inside their network. This can translate into misaligned or inadequate rules governing permissions and alerts. The thorough analysis during Verification can identify these vulnerabilities and ultimately fix them.
Verification also involves identifying and rectifying potential compliance
problems associated with existing rules. Addressing these issues requires
capturing metadata about the who, when and why around rule changes.
All too often, this information is stored in Excel files.
These gaps and mismatches are why Network Perception, NP-View, provides utilities with a uniform process for storing metadata that allows for consistent change management.
The need for an easily understood and common language about a utility’s network segmentation and how critical assets are protected is vital. Which is why Visibility is such an important pillar of cyber resilience. A number of elements go into Visibility. An important one is a clear understanding of the criticality of the servers, workstations and equipment that make up a network. For instance, computers that manage generators producing electricity are critical — in fact, NERC- CIP requires that a cyber asset that could affect the operation of the bulk electric system within 15 minutes of a compromise be identified as a BES critical asset.
Network Perception combines the need for a common language and the concept of criticality into its visualization of the topology of a utility’s network. This allows utilities to label the criticality of assets and their defenses and promotes easy understanding among technical and non-technical audiences. (Watch this short video on Topology mapping here)
Velocity. A common observation about achieving and maintaining utility cyber resilience is this: Cybercriminals adapt and evolve their attacks much more rapidly than those in charge of security can respond. It’s a real challenge, one that is made worse when utilities don’t assess and respond to risks and attacks in real time.
Network Perception’s ability to ingest configuration files and data allows utilities to model their networks and visualize their risks and vulnerabilities in real time. This is what injects Velocity into a utility’s cyber resilience, allowing companies to proactively identify and mitigate risks as they happen.
The threat to critical infrastructure is only increasing in volume and sophistication.
Read further here in how to become aware, be proactive, and build a cyber resilient environment.