Cyber threat detection and prevention checklist

July 24, 2019
The challenges and tasks required for successful cybersecurity never run out.

Well begun truly is half done, but with cybersecurity, it's still hard to progress beyond initial steps, like updating passwords and segmenting networks with managed Ethernet switches used as firewalls, to monitoring network traffic, detecting suspicious behavior, and responding to threats and attacks.

"We started our cybersecurity journey at the tail end of a smart grid deployment when we realized we had a large amount of data that wasn't going to be useful if we couldn't operationalize it, which meant we had to get comfy with our security group," says Jason Nations, senior enterprise security manager at OGE Energy Corp., Oklahoma City, who spoke at ARC Industry Forum 2019 earlier this year in Orlando. OGE is a vertical electric utility that uses natural gas, coal, wind and solar sources to generate power for 700,000 customers in Oklahoma and western Arkansas. "We inventoried all our assets and connections, and used a line-item diagram, so we knew every cable and what it was connected to, including showing what sensors were needed. However, we also learned cybersecurity is a people problem as much as it's a technical one, and that we needed to get everyone onboard, especially to get our use cases in line. Without the involvement of our field personnel, execution was also at risk."

Nations reports that OGE aimed to implement continuous monitoring in its control system networks; gain enterprise visibility across its OT environment; perform real-time inventory of its control system cyber assets and further mature its detection capabilities; and improve its incident response capabilities. Cybersecurity solutions had to meet its use cases; form a long-term relationship with OGE; support its commitment and capabilities; and integrate with the utility's ICS security program. It also followed the National Institute of Standards and Technology's Cybersecurity Framework and the U.S. Dept. of Energy's Cybersecurity Capability Maturity Model (C2M2); planned and coordinated deployments with field personnel; and implemented undisclosed ICS threat intelligence software and components within three months. It also integrates alerts from the U.S. Dept. of Homeland Security's (DHS) Industrial Control System-Cyber Emergency Response Team. Nations adds that OGE is also using John Kindervag's Zero-Trust Network model, which takes a guilty-until-proven-innocent approach.

To learn more, read "Do the cybersecurity to-do list" from Control.
