Cyber threat detection and prevention checklist

July 24, 2019
The challenges and tasks required for successful cybersecurity never run out.

Well begun truly is half done, but with cybersecurity, it's still hard to progress beyond initial steps like updating passwords and segmenting networks with managed Ethernet switches used as firewalls to monitor network traffic, detecting suspicious behavior, and responding to threats and attacks.  

"We started our cybersecurity journey at the tail end of a smart grid deployment when we realized we had a large amount of data that wasn't going to be useful if we couldn't operationalize it, which meant we had to get comfy with our security group," says Jason Nations, senior enterprise security manager at OGE Energy Corp., Oklahoma City, who spoke at ARC Industry Forum 2019 earlier this year in Orlando. OGE is a vertical electric utility that uses natural gas, coal, wind and solar sources to generate power for 700,000 customers in Oklahoma and western Arkansas. "We inventoried all our assets and connection, and used a line-item diagram, so we knew every cable and what it was connected to, including showing what sensors were needed. However, we also learned cybersecurity is a people problem as much as it's a technical one, and that we needed to get everyone onboard, especially to get our use cases in line. Without the involvement of our field personnel, execution was also at risk."

Nations reports that OGE aimed to implement continuous monitoring in its control system networks; gain enterprise visibility across its OT environment; perform real-time inventory of its control system cyber assets and further mature its detection capabilities; and improve its incidence response capabilities. Cybersecurity solutions had to meet its use cases; form a long-term relationship with OGE; support its commitment and capabilities; and integrate with the utility's ICS security program. It also followed the National Institute of Standards and Technology's Cybersecurity Framework and the U.S. Dept. of Energy's Cybersecurity Capability Maturity Model (C2M2); planned and coordinated deployments with field personnel; implemented undisclosed ICS threat intelligence software and components within three months; and integrates alerts from the U.S. Dept. of Homeland Security's (DHS) Industrial Control System-Cyber Emergency Response Team. Nations adds that OGE is also using John Kindervag's Zero-Trust Network model that takes a guilty-until-proven-innocent approach.

To learn more, read "Do the cybersecurity to-do list" from Control.

Sponsored Recommendations

April 14, 2025
This paper addresses where leaks commonly occur, leak detection methods, and practical advice for an audit and repair plan. You'll learn why an ongoing leak detection and repair...
April 14, 2025
Here are some things you can do in between formal preventive maintenance visits on your electric screw compressor to extend compressor life and prevent downtime.
April 14, 2025
They cost more than refrigerated dryers. They need more parts and service than refrigerated dryers. They increase demand for compressed air. So when should you use a desiccant...
April 14, 2025
Follow these ten steps for energy savings in your compressed air system.