ELECTRIC ENERGY | SUMMER 2020 - 16

In this article, we offer a few ideas to get back on top of these
industrial cybersecurity challenges and bring together a cohesive
plan of attack to address both the ongoing threats and the new
realities of our COVID-19 world.

■	 Teams

were already very busy achieving the latest NERC standards on
low impact assets. They are also maintaining compliance with the rest
of the medium and high impact assets, such as the new supply chain
requirements.
■	 In addition to the more targeted nation-state attacks, cyber threats have
increased significantly in the past two or three years with the ever-present
threat of ransomware.
■	COVID-19 dramatically increased risks as more employees work from
home, accessing corporate networks from outside traditional offices.
Second, many tasks that used to be done on-site, either by staff that
traveled from site-to-site or by vendors, cannot be completed on-site
anymore due to the health risks imposed. This has created the need for
greater remote access to operational technology (OT) systems.
■	 The Executive Order created a significant new demand on power system
asset management and supply chains to inventory, monitor and procure
every endpoint in a way that satisfies this new standard.
■	 Cybersecurity and compliance teams face the same work from home and
social distancing protocols as their peers, creating operational challenges
in executing many of the day-to-day tasks of security operations.
This can feel truly overwhelming right now.
So, what can we do? How do we move forward and set a path that
gets us through this near-term challenge, as well as mark a trajectory to
a more efficient and effective end-state? Based on our experience of the
past 25 years working on OT security, we have three suggestions to offer.

OVERCOME CYBERSECURITY OVERLOAD
1. Invest in centralized visibility
The notion of asset visibility has been discussed for years, and many have
tried to create databases and implement tools to address this. However, many
of these efforts have been hamstrung by varied OEM systems, islanded sites,
out-of-date spreadsheets, cost-prohibitive solutions, lack of resources, etc.
Underlying many of the cybersecurity requirements (both regulatory and
broader "security") is a robust, cross-vendor, cross-site, hardware/software/
network/user asset visibility. Centralized visibility significantly reduces the
cost of regulatory burdens and increases cybersecurity maturity.
However, there are many challenges with this. First, many OEM vendors
offer solutions for cybersecurity that only apply to their own products and
are site-based, thereby limiting true enterprise visibility across vendor-types
16  ELECTRIC ENERGY | SUMMER 2020

and sites (plants, substations, gas distribution, etc.). Second, many of the tools
offered are expensive or time-consuming to deploy as they require hardware
taps or span ports throughout the network. Third, manual approaches
suffer from being out-of-date and incomplete. And, fourth, they can often
be spread across multiple databases (manual, vulnerability scans, OEM
databases, etc.).
Investing in a cybersecurity platform that provides a single pane of glass
across endpoint types, site locations, different operational divisions, and do
so in real-time, cost effectively, is the key to being able to efficiently manage
all of these cyber challenges.
2. Automate within control of operations resources
Manual processes for security management such as patching, configuration management, user and account management, etc. are time consuming,
costly, and prone to error and rework. By the same token, "automation" is
often a four-letter word in OT security because of the risks inherent in taking the wrong action or the right action at the wrong time. OT systems are
highly sensitive, and actions need to be taken carefully.
The answer is an automation approach that allows the operator to remain
in charge as to when those automated actions occur to essentially automate
the last mile but leave testing and timing of that automation to the hands of
the most experienced people. Automation, in our view, doesn't mean there
is someone sitting in corporate IT pushing patches to control systems. It
means providing the automation for the operator at the plant to only execute
the patching cycle once with a push of a button rather than load individual
disks or USB sticks, etc. into each device to update the software, or in the
case of configuration hardening, the ability to automate the configuration
desired, test it, and then automate its deployment as appropriate.
3. Build a programmatic plan to a sustainable solution
Don't settle for incremental progress or stop gaps. It seems that at every
step of this cybersecurity battle we think that if we can just solve this next
hurdle, all will be okay. But in reality, new challenges constantly arise, and
new hurdles remain. While new solutions need to be found, it is nearly
impossible for teams to catch up.
Today, we are faced with these two additional recent burdens. It
is tempting to find a short-term solution for the remote access issue,
assuming things will eventually go back to normal, or implement a



ELECTRIC ENERGY | SUMMER 2020

Table of Contents for the Digital Edition of ELECTRIC ENERGY | SUMMER 2020

Letter from the Executive Director
RMEL Board of Directors
Effective Communication & Culture Strategies in Times of Uncertainty
Overcoming Cybersecurity Overload & Security Impacts During COVID-19
Staying Connected to Customer Needs During and After the COVID-19 Pandemic
Now What? A Move to Post-COVID Operation With the Help of e-Learning
2020 Fall Convention
The RMEL Foundation Auction is Going VIRTUAL!
2020 Calendar of Events
Member Listings
Foundation Board of Directors List
Advertisers’ Index
ELECTRIC ENERGY | SUMMER 2020 - Intro
ELECTRIC ENERGY | SUMMER 2020 - bellyband1
ELECTRIC ENERGY | SUMMER 2020 - bellyband2
ELECTRIC ENERGY | SUMMER 2020 - cover1
ELECTRIC ENERGY | SUMMER 2020 - cover2
ELECTRIC ENERGY | SUMMER 2020 - 3
ELECTRIC ENERGY | SUMMER 2020 - 4
ELECTRIC ENERGY | SUMMER 2020 - 5
ELECTRIC ENERGY | SUMMER 2020 - Letter from the Executive Director
ELECTRIC ENERGY | SUMMER 2020 - 7
ELECTRIC ENERGY | SUMMER 2020 - RMEL Board of Directors
ELECTRIC ENERGY | SUMMER 2020 - 9
ELECTRIC ENERGY | SUMMER 2020 - Effective Communication & Culture Strategies in Times of Uncertainty
ELECTRIC ENERGY | SUMMER 2020 - 11
ELECTRIC ENERGY | SUMMER 2020 - 12
ELECTRIC ENERGY | SUMMER 2020 - 13
ELECTRIC ENERGY | SUMMER 2020 - Overcoming Cybersecurity Overload & Security Impacts During COVID-19
ELECTRIC ENERGY | SUMMER 2020 - 15
ELECTRIC ENERGY | SUMMER 2020 - 16
ELECTRIC ENERGY | SUMMER 2020 - 17
ELECTRIC ENERGY | SUMMER 2020 - Staying Connected to Customer Needs During and After the COVID-19 Pandemic
ELECTRIC ENERGY | SUMMER 2020 - 19
ELECTRIC ENERGY | SUMMER 2020 - 20
ELECTRIC ENERGY | SUMMER 2020 - 21
ELECTRIC ENERGY | SUMMER 2020 - Now What? A Move to Post-COVID Operation With the Help of e-Learning
ELECTRIC ENERGY | SUMMER 2020 - 23
ELECTRIC ENERGY | SUMMER 2020 - 24
ELECTRIC ENERGY | SUMMER 2020 - 25
ELECTRIC ENERGY | SUMMER 2020 - 26
ELECTRIC ENERGY | SUMMER 2020 - 27
ELECTRIC ENERGY | SUMMER 2020 - 2020 Fall Convention
ELECTRIC ENERGY | SUMMER 2020 - 29
ELECTRIC ENERGY | SUMMER 2020 - The RMEL Foundation Auction is Going VIRTUAL!
ELECTRIC ENERGY | SUMMER 2020 - 2020 Calendar of Events
ELECTRIC ENERGY | SUMMER 2020 - Member Listings
ELECTRIC ENERGY | SUMMER 2020 - 33
ELECTRIC ENERGY | SUMMER 2020 - Advertisers’ Index
ELECTRIC ENERGY | SUMMER 2020 - cover3
ELECTRIC ENERGY | SUMMER 2020 - cover4
ELECTRIC ENERGY | SUMMER 2020 - outsert1
ELECTRIC ENERGY | SUMMER 2020 - outsert2
ELECTRIC ENERGY | SUMMER 2020 - outsert3
ELECTRIC ENERGY | SUMMER 2020 - outsert4
https://www.nxtbook.com/naylor/RMET/RMET0320
https://www.nxtbook.com/naylor/RMET/RMET0220
https://www.nxtbook.com/naylor/RMET/RMET0120
https://www.nxtbook.com/naylor/RMET/RMET0319
https://www.nxtbook.com/naylor/RMET/RMET0219
https://www.nxtbook.com/naylor/RMET/RMET0119
https://www.nxtbook.com/naylor/RMET/RMET0318
https://www.nxtbook.com/naylor/RMET/RMET0218
https://www.nxtbook.com/naylor/RMET/RMET0118
https://www.nxtbookmedia.com