How to Tackle and Prevent Cyber Security Challenges

Matt Yourek
Director of Product Cyber Security & Compliance, Grid Software, GE Vernova

Matt Yourek is the Director of Product Cyber Security and Compliance for Grid Software, GE Vernova, a position he has held for the past four years of his 15-year GE career. Matt's role includes product management for the cyber security functionality of the Digital Energy solution, Open Source DevOps, and secure product delivery; supporting marketing, sales, contracts, and commercial operations on all things related to customer-facing cyber security aspects of our business; product vulnerability and incident response; ISO27001 governance; customer supply-chain risk assessments of our business; and collaborating with industry.

Aug 16, 2024

Part 2 in our Cyber Security for Utilities blog series.

The cyber environment is changing quickly. By the time you read this, the Kaseya VSA attack, which affected remote management and monitoring software at 1,500 businesses, may be overshadowed by a fresh cyber security breach. Nowadays, there always seems to be some new ransomware strain, branded bug, or malware targeting industrial control systems causing anxiety.

Cyber Security Challenges

There’s a certain inevitability to it all. Cyber security is a top priority across industries globally. Governments are issuing executive orders to protect critical infrastructure and shoring up regulations to enhance security. Yet every day there are more devices, more tools, and more connections. In fact, “Internet users are currently growing at an annual rate of 7.6 percent, equating to an average of more than 900,000 new users each day.”

All that means more risk. The volume of data is rapidly increasing. This means businesses must monitor, track and secure logs, configuration baselines, network traffic and much more for effective detection of and defense against cyber attacks.

Meanwhile, the standard advice to “always patch” and “update regularly” is a little more suspect now. After all, the SolarWinds attack used a software update to compromise a customer base including top US telecommunications companies, accounting firms, as well as all branches of the US Military, the Pentagon, and the State Department.

So, what is to be done? Regrettably, there is no silver bullet solution. Instead, this article will outline how GE Vernova Grid Software envisions the acceleration of day-to-day cyber security for day-to-day operations.

Defensible and Proactive Cyber Attack Prevention Measures

The frequency and severity of attacks on utility systems are on the rise, according to the National Regulatory Research Institute. Why? An increasingly digital power sector has more and more computerized controls and assets that need to be protected from cyber attack. Keeping everything critical on one server, one network, or in one location minimizes the effort of applying that protection, but if that single footprint is attacked by ransomware, it’s game over.

One reason the Colonial Pipeline ransomware breach wreaked such havoc? There was no segmentation. Since reports indicate that Colonial hadn’t internally segmented its infrastructure, the bad actors could compromise everything — and take home a $4.4 million ransom.

But keeping applications, endpoints, network architecture, system management and system vendors all in their distinct boxes undermines the digital transformation. The advantages of digitalization are better realized when the business breaks down silos between departments to integrate technology and share data across systems for improved transparency. Thus, a delicate balancing act is required between a small footprint that’s easier to defend but causes a major impact if attacked, and a distributed, segmented approach that could lessen the impact but also increases the level of effort to apply protections.

Yes, segmentation makes it more complicated. But the challenge can be met.

Good cyber hygiene practices are necessarily multi-layered. Now, we’re not talking about adding so many levels of protection that the user is stymied by a frustrating access experience. Instead, GE Vernova’s Grid Software products work with several defensible and proactive cyber measures seamlessly for the user.

Securing the Power Grid Holistically

The power sector is well aware by now of the need for digital transformation. Yet that does not mean every utility has been able to replace its legacy infrastructure and large assets. It’s not a change that can be made with a flip of a switch. Thus, some continue to regulate and control energy transmission and distribution grids with technology that was not necessarily built for the current cyber environment and its threats.

To realize parts of this digital transformation now, they may be connecting applications, endpoints, networks, and business processes to this critical, potentially unsecured, system. There is so much that could be missing:

- Logging and monitoring integration to see what is occurring in applications and know when something isn’t functioning as expected
- Individual accounts and password policies to enhance security
- Host-based firewalls to help detect and stop anomalous network activity
- Secure protocols and encryption to prevent attackers from accessing data in transit
- Intermediate systems for remote access to minimize risk exposure
- Third-party security patch management to validate that patching won’t impact systems

Still, the utility does not always need to take the costly and time-consuming rip-and-replace route to achieve these security controls across a distributed, segmented architecture. GE Vernova Grid Software’s Bring Your Own approach is meant to allow the customer to realize these controls today, along with cost savings, through the customer’s use of their own existing security solutions (e.g. anti-malware, SIEM, user management, etc.). By contrast, some OT vendors require the utility to use the vendor’s “certified” and approved security tooling or risk voiding warranty or support, which can inhibit adoption of some of these security controls or system upgradability.

The Bring Your Own approach allows the utility to leverage its staff’s familiarity with their existing security technology in order to expedite and simplify adoption of both those security tools and new Digital Energy products and versions. This approach also lets the customer avoid the additional overhead of paying for yet another equivalent third-party solution (e.g. the utility’s corporate standard tool is X, but the EMS vendor only supports Y on its EMS, and the DMS vendor only supports Z on the DMS) to monitor threats, vulnerabilities and patches, and to handle security information and event management logging.

Yes, cyber security is a moving target. But with the right technology partner who understands the need for these types of balancing acts, you can remain in step to identify, detect and protect.

For more information on GE Vernova Grid Software’s Cyber Security solutions, contact us.

Interested in cyber security insights? Read the first blog in this series: Addressing the Human Element in Cybersecurity