By Nicholas Sakelaris | CoServ
Cybersecurity plays a critical role in all businesses today but that responsibility is even greater for critical infrastructure like an electric or natural gas utility.
CoServ doesn’t just guard personal information for our Electric Members and Gas Customers, we safeguard the electric grid and natural gas system from cybercriminals.
CoServ employs a team of cybersecurity professionals who are constantly going through new training and development courses so they’re up to date on the latest threats. CoServ also works with government agencies, law enforcement, industry trade groups and other electric cooperatives to share best practices, collaborate and pass on credible threats.
Additionally, CoServ employs next-generation firewalls, intrusion detection/prevention devices and computer patching management applications.
But in today’s highly connected world where many CoServ Employees are working remotely, individuals must know they are targets. U.S. cryptographer Bruce Schneier famously said, “Amateurs hack systems, professionals hack people.”
“That’s why we make it a part of everyone’s job,” said Jeff McNeal, CoServ’s Senior Vice President of Information Technology. “We train all our Employees across the organization. Our Customer Care Specialists in particular are trained in data privacy and information handling.”
All CoServ Employees receive extensive training on phishing and other types of social engineering with the goal of forming a human firewall against attacks. The SANS Institute [SysAdmin, Audit, Networks, Security] estimates that 95 percent of all attacks on enterprise networks are the result of successful phishing.
The threats to critical infrastructure have increased in recent years as have the ransom amounts. The U.S. Government Accountability Office released a report earlier this year stating that utility distribution systems are “increasingly at risk” from intrusion and disruption.
One of the biggest examples happened earlier this year with the Colonial Pipeline breach, which forensic investigators determined was caused by a single password found on the dark web. That password accessed a VPN (Virtual Private Network) that lacked any kind of secondary authentication, such as email or text verification.
The five-day pipeline shutdown caused panic along the East Coast with long lines, high prices and shortages at gas stations.
“The Colonial Pipeline incident earlier this year provided an unfortunate reminder of the potential societal impacts, in this case gasoline shortages, that an attack on critical infrastructure can have,” Jeff said.
That’s why CoServ works every day to not only provide safe and reliable energy solutions but also to protect the electric grid and pipeline systems that deliver that energy to your community.