Turn on your application security initiative
The transformation of the U.S. electric grid sparked a wide adoption of various Smart Grid technologies and enhanced connectivity. This elevated the importance of cyber security for all members of the ecosystem—from small to large electric utilities to the Smart Grid vendors serving these utilities. As the attack surface of the electric grid increases, so does the sophistication and determination of adversaries, ranging from individual hackers to nation states. If cyber security risks facing our nation’s electric grid go unaddressed, a major cyber event impacting electricity delivery to millions of people is quite probable.
Building a cyber risk-management program is a complex endeavor that requires an experienced partner to help you navigate the challenges and maximize the return on your security investment. Cigital has a long and distinguished history in energy sector application security and vulnerability assessment, having worked with large investor-owned utilities (IOUs), rural electric cooperatives, and Smart Grid vendors serving electric utilities.
In partnership with NRECA and DOE, Cigital created the Guide to Developing a Cyber Security and Risk Mitigation Plan, to help utilities address cyber security risks holistically and systematically. The plan has been widely praised by the U.S. Department of Energy (DOE). Cigital also helped write the DOE’s Electric Subsector Cybersecurity Capability Maturity Model (ES-C2M2).
Cigital empowers utilities to address mandatory NERC Critical Infrastructure Protection (CIP) compliance requirements for annual Cyber Vulnerability Assessment (CVA) audits. Cigital combines this process with creating a foundation for a comprehensive end-to-end risk-based mitigation approach to application security.
Cigital goes beyond vulnerability assessments. Below are just a few of the ways in which Cigital can strengthen your energy organization’s application security program:
As an industry-leading player, you need to develop or adopt new technologies that will give you a competitive advantage, increase your operational efficiency and effectiveness, and reduce costs—all while still taking appropriate security measures. The three biggest cyber security risks facing electric utilities today all involve adversaries impacting the reliability of electricity delivery:
These security risks, if realized, could result in loss of life and/or limb, loss of shareholder value and regulatory fines. To address these security risks, Cigital recommends that electric utilities:
Cigital Develops Ready-to-Use Tools for Securing the Smart Grid
Show 063 – An Interview with Craig Miller
Improving Smart Grid Cyber Security