Energy and electric utility organizations are facing a range of challenges requiring a reevaluation of the cyber security within their industrial control networks, endpoints and controllers. On the one hand, operators have to face losing access to phone lines, securing transmission substations, meeting pressing NERC CIP audit requirements and worrying about Internet connections to vital systems. On the other hand, they are confronted with data and media coverage (eg. Ukraine power outage) that indicate an increase in cyberattacks on energy Industrial Control Systems (ICS).

While there are many benefits that have come to ICS and SCADA networks through the increased use of standard networking and Internet technologies, it has made the need to secure them ever more critical. Firewalls play an important role in blocking threats and containing internal cyber incidents that could impact safety, reliability and productivity. They control the flow of communications and filter packets to block or contain harmful network traffic.

Who hasn’t been frustrated when traffic comes to a standstill or the underground breaks down? Such frustration is a very real human emotion that lets us know that our highways, subways and light rail transit systems are vital for our lives to run smoothly. Add it up across thousands or millions of people: if transportation systems don’t work, entire economies and societies suffer.

Thanks to the recent 2016 Data Breach Digest from the Verizon RISK team, a story about poor cybersecurity at a water company has recently been in the media. The company, given the fictional name of the Kemuri Water Company (KWC), is responsible for the water supply of a number of counties. Verizon was retained by KWC to assess their networks for indications of a security breach. Of concern was an unexplained pattern of valve and duct movements that had occurred over the previous 60 days. The Verizon team identified that breaches had occurred and that KWC’s SCADA system had been manipulated to alter the amount of chemicals that went into their water system as well as the flow rate.

Someone recently asked me the best way to describe Deep Packet Inspection (DPI) in laymen’s terms. If you are not familiar with DPI, it describes two technologies used by firewalls to detect and block unwanted communications.