Cybersecurity

Electric Utilities

Electric Utilities

Control Infotech Inc. (CII) cybersecurity capabilities include assessing substations for NERC CIP compliance, preparing cyber assets registers and logs, identifying vulnerabilities in cyber assets using the National Vulnerability Database (NVD) and CISA advisories, conducting passive discovery of cyber assets and designing and developing tools to collect, correlate, analyze and report on security related information across the organization’s electrical infrastructure.

“Smart grid technologies will introduce millions of new components to the electric grid. Many of these components will be critical to interoperability and reliability, will communicate bi-directionally, and will be tasked with maintaining confidentiality, integrity, and availability (CIA) vital to power systems operation.” [NIST IR 7628 section 2.2 Logical Security Architecture Overview)

Read More

A Note About Approach

Safeguarding the Grid from cyber risks demands knowledge, skills and abilities in electrical engineering and cybersecurity. CII is able to offer its hybrid expertise in substation engineering and cybersecurity to help customers identify cyber risks within their electrical infrastructure and recommend effective security solutions (fulfilment of security requirements and implementation of security controls) to address the ever-changing Grid cyber risk landscape.

Cyber Risks are a product of vulnerabilities, threats, frequency of adverse events and the consequences of adverse events. Consequences of adverse cyber events need to be identified through a systematic process of analyses. This includes enumeration and evaluation of various data flows in the context of interfaces and interactions of the systems and sub-systems down to the component level. Further, the solutions recommended should be context specific considering the high availability and integrity demands of electrical and communication networks. CII follows a well-defined set of activities, which are based on the NIST Interagency Report 7628 - Guidelines for Smart Grid Cybersecurity.

Read Less