Energy Industry Needs Help on Two Security Fronts

August 13, 2013

In the energy sector, security analysts need to recognize unwanted behaviors to best protect these critical infrastructures. Photo courtesy of the Homeland Security Digital Library www.hsdl.org

The National Cybersecurity Center of Excellence (NCCoE) at the National Institute of Standards and Technology is encouraging chief security officers to help address two information technology challenges faced by the energy sector. Feedback on two proposed “use cases” may lead to solutions providing centralized control of access to structures and systems while reducing security blind spots in their operations.

NCCoE works with industry, academic and government experts to create open, standards-based, modular, end-to-end solutions to cybersecurity challenges that are broadly applicable across a sector. The solutions are customizable to the needs of individual businesses, and help them more easily comply with relevant standards and regulations. The work is organized around use cases that describe sector-specific challenges.

“These use cases represent sector-wide cybersecurity challenges that we will address through a collaborative effort among NCCoE, the energy sector and technology partners,” comments Nate Lesser, deputy director of the NCCoE. “Before inviting participation from our technology partners, we seek public input on the use cases to ensure that the resulting solutions are as useful as possible.”

The first use case focuses on energy companies’ need to control physical and logical access to their resources, including buildings, equipment, information technology and industrial control systems. This requires the ability to authenticate identity with a high degree of certainty and to enforce access controls consistently, uniformly and quickly—and across all resources.

The second use case solution would allow security analysts to see operational and information technologies as a cohesive whole, making it easier for them to detect issues that could disrupt services.

Energy companies, as their chief security officers and chief information security officers know, rely on two distinct types of IT systems.

Business enterprise systems run billing, personnel and other enterprise functions while operational systems, which rely heavily on so-called cyber-physical systems, generate, distribute and meter power. While standard IT security solutions are available to protect and monitor enterprise IT, those products are often an imperfect fit for operational technology and may need augmenting to avoid security blind spots.

Security analysts strive to ensure correct behavior in operational technology and identify the connections between IT data and unwanted operational behavior (i.e., disruptions to systems or services to consumers), and improve detection and remediation of those unwanted behaviors. But analysts can only correct what they can actually see. Without proper sensors in place, an analyst might never see an event, either as it happens or after the fact.

Successful solutions would provide blueprints for improving cybersecurity based on standards and best practices to help reduce the probability of attacks or anomalous system behaviors and make them easier to detect, mitigate and investigate after the fact. They would support energy companies’ business needs by reducing risks, system complexity and costs.

Security and SDM readers can view the two proposed use cases at http://csrc.nist.gov/nccoe/Projects/Energy.html.

You must login or register in order to post a comment.

ON DEMAND: DevSecOps creates an environment of shared responsibility for security, where AppSec and development teams become more collaborative. With the right training and tools, developers can become more hands-on with security and, with that upskilling, stand out among their peers... however, they need the security specialists on-side, factoring them into securing code from the start and championing this mindset across the company.

ON DEMAND: The insider threat—consisting of scores of different types of crimes and incidents—is a scourge even during the best of times. But the chaos, instability and desperation that characterize crises also catalyze both intentional and unwitting insider attacks. Learn how your workers, contractors, volunteers and partners are exploiting the dislocation caused by today's climate of Coronavirus, unemployment, disinformation and social unrest.

Security Magazine

2020 November

This month, Security magazine brings you the Security 500 Report, Rankings and Thought Leader Profiles. How does your enterprise compare to others? Which security programs are leading the way? Also this month, we highlight how to plan, prepare for and build resilience to protests and other unplanned events, video surveillance tools for SMBs and more.

View More Create Account

Energy Industry Needs Help on Two Security Fronts

Related Articles

Related Products

Report Abusive Comment