Utilities

Power lines & poles with city background
Cybersecurity is a growing concern for those tasked with maintaining our countries infrastructure. According to recent analysis by KPMG, about half 49% of power and utility CEOs surveyed say that becoming a victim of a cyber-attack is now a case of ‘when’, and not ‘if’. Despite this, only half 51% say that their organizations are well-prepared to deal with a cyber-attack. Abacode recognizes the importance of safeguarding the grid. We not only identify cybersecurity gaps; we implement the protections necessary to prevent a major cybersecurity breach.

Federal lawmakers have started to take note. Congress passed the America’s Water Infrastructure Act of 2018, sponsored by Sen. Amy Klobuchar (D-Minn.) and signed into law by President Trump. This bill requires any water utility serving 3,300 or more people to carry out a risk and resilience assessment of its networks, including a review of their cybersecurity framework.

In addition, cybersecurity experts project that targeted ransomware attacks are set to rise. In a recent threat outlook, analysts at Booz Allen Hamilton predicted “a plausible uptick in state-sponsored attacks and intrusions at water utilities,” citing an alert from DHS that claimed Russian hackers had already targeted U.S. water networks. In fact according to EmergIn Risk, three quarters of utility companies have experienced a data breach in the past 12 months, with average clean-up costs around $156k per breach. In another cybersecurity breach PG&E was fined $2.7 million for security oversights that allowed hackers to gain remote access to the power provider’s systems. More than 30,000 company records were left unprotected, including usernames and passwords, which could aid a malicious attacker in using this information to breach the secure infrastructure and access critical cyber assets.

As a result, US government agencies applied stringent regulations to federal, state, and local government vendors and suppliers that store and process government data.

Compliance Standards:

FedRAMP | FISMA | NIST 800-53 | NIST 800-171

Steps

design, implement, manage, report

See How Abacode Can Help You

Abacode