Sushila Nair, Product Manager, Managed Security Solutions Group, BT Global Services

If you lived in Cleveland, New York or Baltimore in August 2003, you probably remember the large scale power outage. While the major blackout was not caused by cyber terrorism, this event, along with the terrorist attacks on September 11, 2001, brought the possibility of attacks against critical infrastructure into sharp focus and accelerated the implementation of standards to provide a cyber security framework that would identify and protect critical cyber assets. By defining critical assets, these standards are intended to support the reliable operation of bulk electric systems in North America.

The North American Electric Reliability Corporation (NERC) Critical Infrastructure Protection (CIP) Reliability Standards provides guidelines covering a variety of areas related to cyber security for bulk power system owners, operators and users. However, due to the rapidly changing security landscape of the Industrial Control Systems (ICS), companies are failing to adequately secure their systems.

Industrial Control Systems (ICS), which includes Supervisory Control and Data Acquisition (SCADA) and Distributed Control Systems (DCS), controls systems that provide operators automated direct and indirect control over the functions throughout the power grid. These systems, used within CNI, provide unique security challenges to organizations. As business requirements change and the demands for real-time information increase, the need for securing CNI networks and their process control systems is paramount for organizations.

Organizations have typically addressed compliance and security in silos, which results in an incomplete picture of the cyber threat. Addressing security in isolation only provides an organization the perception of security, but does not provide an organization with an organizational view of its risk due to gaps in information.

To assist these organizations, BT Managed Security Solutions Group and Industrial Defender have partnered to offer a holistic solution in critical network infrastructure (CNI) and organizational monitoring. This offering enables organizations to have a view of its security posture as it relates to its critical infrastructure (substations, control centers, energy management systems) and its interconnectivity with the organization.

With a holistic approach, the footprints of an attack may be discovered across multiple systems or even across multiple operating areas. As organizations merge to achieve economies of scale, disparate geographic operating regions become interconnected via common enterprise environments. In today’s regulatory-driven environment, an organization must consider its entire critical infrastructure – from the substation to the control center and out to the enterprise network – when making security monitoring decisions.

The fast and accurate detection of security-related events is an organization’s first line of defense against security intrusions. This can only be achieved through a holistic solution that provides enterprise-wide security by aggregating and correlating information from both critical network infrastructure and enterprise networks, providing organizations transparency into their security posture.