Verizon Provides Tips to Secure Grid Assets
by Stefanie Scott
With cyberespionage and threats to critical infrastructure a growing concern around the globe, it is important for utilities to remain vigilant in protecting data and physical assets.
Dave Sloat, principal consultant for security solutions at Verizon Enterprise Solutions, spoke last week at Itron Utility Week in Orlando, Florida, on critical infrastructure security in a presentation titled ”Protecting the Systems that Power our Lives.’’
“Verizon has studied the cyberthreat landscape for years and we see cyberespionage as an emerging and growing threat around the globe,’’ Sloat said. “There are ongoing malicious attacks in this space and protecting grid assets remains a concern in the utilities industry.’’
The 2013 Verizon Data Breach Investigations Report (DBIR) released earlier this year found that cyberespionage was 20 percent of the overall breaches in the study.
Sloat outlined a series of security recommendations for key decision makers in the utilities industry. They include:
- Know and protect what’s most important by employing techniques such as data islanding or secure enclaving.
- Consider new layers of protection, such as multi-factor authentication.
- Think beyond intrusion prevention and develop plans to address post-infection detection and response, mitigation and log monitoring to detect data exfiltration.
- Adopt a “Deny, Disrupt, Disable, Destroy” mentality when it comes to data and systems security.
- Actively protect the supply chain.
- Maintain open dialogue with key stakeholders –including Internet Service Provider, suppliers, customers and employees – during a breach.
“Security in today’s world is a journey – not a destination,’’ Sloat said. “Utility executives should operate under the assumption that they will be breached and take steps to prevent it.’’
For ongoing insight and analysis from some of the world's most distinguished security researchers, read the Verizon Security Blog at securityblog.verizonbusiness.com.