Download presentation
Presentation is loading. Please wait.
Published byDouglas Aldous Waters Modified over 6 years ago
1
Cybersecurity@ PGE Chris Nolke, Director of Cybersecurity
Thursday, June 28, 2018
2
Our primary objective: protection
We protect against Cybersecurity threats to ensure: the reliability of customer power customer, employee, and PGE data remains protected the safety of PGE employees and customers We do this efficiently and effectively by: studying the tools, techniques, and procedures of current adversaries efficiently applying controls to protect, detect, and respond to those threats prioritizing talent and operational excellence over the latest technology Portland General Electric | Cybersecurity
3
Threat modeling practices
We study our adversaries through threat modeling We track hacktivism, internal fraud, advanced nation-states, and cyber-crime. Each of the four threat models follows a common process to achieve their goals, known as a kill-chain. By understanding each kill-chain, PGE actively protects against, detects, and responds to threats as efficiently and effectively as possible. While hacktivism, internal fraud, and cyber-crime has increased, advanced nation-state hacking of utilities has grown exponentially. Portland General Electric | Cybersecurity
4
Critical Infrastructure Attacks
STUXNET Nuclear, Iran, 2010 2010 DRAGONFLY Espionage, Middle East, 2013 2013 BLACK ENERGY 2 Various western power companies, reconnaissance, 2015 BLACK ENERGY 3 Ukraine on December 23rd, 2015 2015 CRASH OVERRIDE (ELECTRUM/RUSSIA) THREAT TO ELECTRIC GRID OPERATIONS Ukraine on December 17th, 2016 DRAGONFLY 2.0 US, Switzerland, Turkey OT assets 2016 DIMEALLOY US, utility reconnaissance 2017 TRISIS Power Safety Systems, 2017 Middle East 2017 Portland General Electric | Cybersecurity
5
Increasing threat landscape
In 2016 and 2017, the significance, volume, and sophistication of critical infrastructure threats from nation-states rapidly increased Utility Data Breaches Attacks Against PGE 900 800 700 600 500 400 300 200 100 25 20 21 15 16 10 10 7 5 China United States Russian Federation Germany Korea 2014 2015 2016 2017 data: Verizon Data Breach Investigation Report (worldwide). 2017: Estimate, Accenture “It’s tempting to believe that this increase in attacks is horizontal across industries, but the data shows that energy organizations are experiencing a disproportionately large increase when compared to other industries.” - Tim Erlin, Director of IT Security and Risk Strategy for Tripwire Portland General Electric | Cybersecurity
6
Information security roadmap
Portland General Electric | Cybersecurity
7
Quantifying our progress
By measuring what we do, we understand how effective our processes are. We measure the maturity of capabilities based on the CMMI model (0-5) We measure operational security and IT metrics We measure risk within our environment and in using vendors through assessment against policy We measure awareness of policy and best practice through training, testing, and surveys We measure our technical attack surface through assessments We measure employee engagement through surveys Portland General Electric | Cybersecurity
8
Challenges going forward
Skilled cyber security resources are in short supply and difficult to attract Aggressive timetable for the Information Security Roadmap Cyber security threats to utilities will continue to increase Change management challenges of instilling a security culture Portland General Electric | Cybersecurity
9
Thanks For questions please contact Chris Nolke
Similar presentations
© 2024 SlidePlayer.com. Inc.
All rights reserved.