All industries are vulnerable to cyber attacks, but utilities are a prime target for hackers. An attack to a utility company’s Industrial Control System (ICS) presents great risk by potentially exhausting reserve fuel, causing shortages to potable water, impacting the ability to treat sewage, straining public order, forcing residents to leave an area to seek a reliable supply of water and electricity, and devastatingly hitting commerce. An attack on the power grid could be similar to a natural disaster — except we know when natural disasters end.
One of the largest private energy organizations in the U.S. was worried about the exposure of their control center networks to a cyber attack. Prior to engaging us, the organization implemented common security approaches and techniques to address this problem but wanted to validate their approach with a third-party cyber security specialist.
We created a model simulating the client’s network to assess its adherence to security configuration standards and simulate the possible attack vectors that threatened it. After 12 weeks of rigorous testing and analyses, our team formulated their assessment. The company’s leaders were then able to identify and remediate control center vulnerabilities, thereby lowering the level of risk to their operations.
- Revealed vulnerabilities in operations that would result in material implications if breached
- Moved from a check-box approach to security to a tailored, enterprise program
- Brought renewed confidence in the organization’s security posture