Current Affairs
Cyberattacks in the energy utility sector are on the rise. In fact, recent data found that lateral movement and internal reconnaissance behaviors were seen at higher rates across energy networks than other industries on average. Two factors conspire to drive this increase. One is the rapidly expanding interconnections across utility systems as companies look to leverage data from mobile and IoT devices. The other is the historic lack of high-level cyber security for energy and utilities. This creates a perfect opportunity for hackers. Systems that are considered secure now offer ease of movement across utility networks to access key operational systems. At the same time, many energy enterprises lack the IT infrastructure necessary to detect, isolate and remediate new threats. Insider risks are also on the rise as individuals with privileged access offer a secondary route to utility compromise. Phishing attacks, business email compromise and a lack of encryption of critical data conspire to reduce overall network security.
Powering up Cyber Security for Electric & Gas Utilities
To address the growing impact of malicious external threats and accidental internal compromise, organizations need purpose-built cyber security for electric utilities. At HALOCK Security Labs, we can provide services including:
- Penetration testing — Where are your weak points? What, if any, vulnerabilities have new devices or open-source solutions introduced? Our experts can assess your internal and external networks, web applications and wireless connections to develop key security strategies. Consider a Recurring Penetration Testing program to assess your safeguards throughout the year for a proactive security approach.
- Security engineering — What’s your “as-is” security posture? What’s your “to-be” security aim? We have the industry experience and expertise necessary to help design and implement utility cyber security that addresses current issues and speaks to emerging needs in the energy sector. Conduct security architecture reviews, threat monitoring, or sensitive data scanning. An ongoing review of your threat landscape is a best practice for your industry through a managed detection and response program (MDR) or Threat Hunting Program.
- Workforce management — Finding the right talent isn’t easy, and it’s getting harder as the cyber security skills gap widens. Our executive, full-time and contract hiring services help find the best-fit professionals for your needs.
- Incident Response – When a breach does occur, you need to address the attack immediately, contain it, and remediate the threat. You need a trusted, expert incident response team to stop and fix the breach, and an ongoing incident response plan to keep your data secure. HALOCK’s incident response management, process, and planning provide comprehensive coverage in the event of a security breach. Explore an ongoing program that gets in front of any potential threats or attacks. You can be response ready with an Incident Response Readiness as a Service (IRRaaS) program.
- Third Party Risk Management (TPRM)/Vendor Risk Management – Ensure third-party partners are aligned with your organization’s risk controls. Vendors and contractors serve as an extension of your group. They represent you and should operate under your specific energy/utilities business requirements. A required best practice is to always conduct a supplier risk assessment to keep your vendors on point with your security posture. HALOCK can help build and manage a specific program for your secure environment.
- Risk Assessments – Regulations require your safeguards be reasonable to your organization, customers, and partners. With many frameworks available, how do you establish your acceptable risk? The Duty of Care Risk Assessment (DoCRA) helps you define a balanced security strategy factoring in compliance and safeguards based on your specific business and objectives.
- Risk Management & Security System Management – Our experts have the industry knowledge you need to prioritize and optimize security investments while keeping you compliant. An ongoing risk management program provides continuous maintenance and insight on your risk profile and how to enhance your security.
- Privacy – CCPA is the most sweeping legislation to date in the U.S. that concerns the protection of personal information. It broadens the definition of what constitutes personal information and gives California citizens greater control over what companies can do with their personal data. This includes the right to exempt their own personal information from being shared or purchased on the open market. Understand the impact this change and other states’ requirements have on your organization. Know what private information you manage and where it is located so you can properly secure it: conduct Sensitive Data Scanning as a Service (SDSaaS) to ensure you have a current data inventory of sensitive information.
- Policies and Procedures – The industry is changing, and so should your security protocols. According to the 2020 Midstream Oil and Gas Cybersecurity Survey, “40% reported an attempted or successful data breach in the past year, but only 7% updated their written security policy during the same period.” It is best practice to reassess your processes for any new cyber threat or attack. Proactive efforts are what will help navigate potential breaches.
- Cybersecurity Maturity Model Certification (CMMC) Readiness – Prepare for the new CMMC certification requirement to continue working with the Department of Defense (DoD) or to bid on projects with the DoD.
“HALOCK always met our project goals.”
– Energy Services Company
Reasonable Security is Now Defined
The Sedona Conference – an influential think tank that advises attorneys, regulators, and judges on challenging technical matters – just released its Commentary on a Reasonable Security Test. The Commentary is the first document of its kind that provides the legal community with a clear definition of a “reasonable” security control.