Home Healthcare Holding the lighting on: Brazilian energy software wins cybersecurity award for securing grid community with Cisco

Holding the lighting on: Brazilian energy software wins cybersecurity award for securing grid community with Cisco

0
Holding the lighting on: Brazilian energy software wins cybersecurity award for securing grid community with Cisco

[ad_1]

Cyberattacks on electrical energy utilities are on the upward push. From 2020 to 2022, weekly assaults greater than doubled. An assault that exploits a vulnerability in clever digital gadgets (IEDs) like energy distribution gadgets, relay, and circuit breakers can flip off the lighting in an area or whole town. At the floor, it kind of feels easy sufficient to remediate vulnerabilities once they’re reported—for instance, through upgrading firmware. Truth is, detecting and remediating vulnerabilities in operational era (OT) poses a supersized problem for utilities.

Take CPFL Energia, a Brazilian software with 10.3 million shoppers. CPFL sought after to spice up the safety posture at its 600+ distribution substations, the place high-voltage electrical energy is reworked to decrease voltage for distribution to houses and companies. The roadblock? You’ll’t protected what you’ll’t see, and CPFL’s operations group used to be in the dead of night about precisely what IEDs have been deployed in substations. Simply atmosphere foot in a substation in Brazil calls for a long approval procedure, so some substations hadn’t been visited for months. OT visibility was pressing In 2021, when nationwide grid operator ONS required utilities to behavior a cybersecurity vulnerability evaluate.

Operations and IT groups sign up for forces

The software’s operations group knew it didn’t have cybersecurity technology to evaluate and mitigate possibility. The IT group had the cybersecurity technology however didn’t perceive the finer issues of substation operations, like which commercial protocols might be blocked to shrink the assault floor. So, operations and IT made up our minds to group up, pooling their strengths. The IT group noticed the OT safety undertaking as a chance to fulfill some other longstanding objective—upgrading the getting old switches at substations to make the most of advances like energy over ethernet (PoE) and control automation.

OT visibility and switching in a single field, with Cisco commercial switches

CPFL completed each targets—vulnerability evaluate and community modernization—with one resolution, Cisco commercial switches. Integrated at the switches is Cisco Cyber Imaginative and prescient, a instrument which robotically identifies all commercial and IT property attached to the community, together with detailed traits and conversation actions. The 2-in-one resolution is way more practical and no more expensive than CPFL’s different choices: purchasing separate visibility equipment for every substation or else replicating community site visitors to a keep watch over heart with a centralized visibility equipment. Cisco’s commercial switches meet utilities’ stringent necessities, together with the facility to resist harsh environments, IEC 61850 certification to perform in high-voltage environments, and fortify for commercial protocols like DNP3 and Modbus TCP/IP.

Quick payoff: 20 malware infections found out

These days each transmission and distribution substation has been upgraded to Cisco Catalyst IE3400 Rugged Collection switches with integrated Cyber Imaginative and prescient. With a look on the Cyber Imaginative and prescient console, CPFL’s operations group can view an in depth stock of all attached IEDs and workstations, together with their instrument vulnerabilities.

“In an instant Cyber Imaginative and prescient recognized greater than 20 instances of malware within the OT community, in addition to many unneeded conversation actions and protocols lets close down to cut back the assault floor,” stated Emerson Cardoso, CPFL’s leader knowledge safety officer. “We have visibility into our essential grid community, step one towards mitigating vulnerabilities and bettering our safety posture.”

Actual-time signals: those that depend

CPFL’s safety analysts now obtain real-time signals about essential occasions as a result of CPFL built-in Cyber Imaginative and prescient with its safety knowledge and tournament control (SIEM) gadget. To keep away from alert fatigue and ensure essential occasions are addressed temporarily, the IT and OT groups labored in combination to outline 20 forms of safety occasions that generate signals. “Cyber Imaginative and prescient helped us conquer the problem of integrating OT into our safety operations heart (SOC),” explains Cardoso. “Our safety analysts now have visibility throughout each IT and OT to behave at the signals, arrange dangers, and implement safety insurance policies all the way through our networks.”

Whilst deploying the brand new Cisco commercial switches, CPFL additionally deployed Cisco Safe Firewalls to clear out commercial community site visitors between substations and keep watch over facilities. This gave IT the facility to include malicious actions and keep away from threats to unfold to all the infrastructure within the case a breach happens.

Award-winning undertaking reaping rewards operations, IT, and shoppers

With its new Cisco commercial switches, Cyber Imaginative and prescient, and Cisco firewalls, CPFL solved more than one demanding situations that utilities have struggled with for years. Operations groups received visibility into grid property and complied with a brand new legislation for vulnerability evaluate and possibility control. IT modernized substation networks and will track and include threats to transmission and distribution operations.

The Brazilian cybersecurity neighborhood has taken word, spotting CPFL and Emerson Cardoso as Nationwide Safety Leaders of 2023. The award calls out CPFL’s complete strategy to cybersecurity and efficient collaboration between OT and IT. In Cardoso’s phrases, “Having powerful cybersecurity protections now not most effective is helping mitigate dangers and offer protection to our staff, it additionally guarantees we will higher serve our shoppers.”

Learn the total case find out about right here.

Be informed extra

Proportion:

[ad_2]

LEAVE A REPLY

Please enter your comment!
Please enter your name here