The documentation set for this product strives to use bias-free language. For the purposes of this documentation set, bias-free is defined as language that does not imply discrimination based on age, disability, gender, racial identity, ethnic identity, sexual orientation, socioeconomic status, and intersectionality. Exceptions may be present in the documentation due to language that is hardcoded in the user interfaces of the product software, language used based on RFP documentation, or language that is used by a referenced third-party product. Learn more about how Cisco is using Inclusive Language.
Utility industry: A prime and consistent target
Critical infrastructure for utilities is vital to personal safety, economic growth, and national defense. There are legitimate concerns from senior utility executives, regulators and customers about ensuring that adequate resources and focus are directed to the task of securing that infrastructure. Efficiently addressing the growing issue of cybersecurity and its impact on energy resources requires a holistic approach — one that uses specific countermeasures implemented in layers to create an aggregated, risk-based security posture to defend against cybersecurity threats and vulnerabilities that could affect these systems. This approach, often referred to as defense in depth, provides a flexible and usable framework for improving cybersecurity protection when applied to control systems.
The risk to utilities globally from cyber attacks is broad and business impacting, including:
● Threats to employee health and safety
● Lost revenue
● Intellectual property theft and ransomware
● Hard costs for remediation, compliance fines, and reputation damage
Protect your critical industrial systems with Cisco’s leading cybersecurity portfolio.
● Enable visibility into Industrial Control Systems (ICS) to inventory and develop baselines for devices, applications, and traffic profiles
● Secure touchpoints where people and their devices interact with ICS
● Add tools that enable and inform rapid incident response
● Prepare for the inevitable shift of Operational Technology (OT) components moving to the cloud
● Align with industry security standards such as NERC CIP and NIST
The foundational objective for applying cybersecurity to utility assets is to enable visibility into critical ICS and Supervisory Control and Data Acquisition (SCADA) environments. This visibility provides security operators the data needed to understand the system’s baseline for devices, applications, and traffic. These baselines are critical and form the basis for identifying anomalies that result from cyber intrusions by malware, worms, viruses, and other system exploits. Cisco’s portfolio enables this real-time visibility and anomaly detection with:
● Cisco® Cyber Vision
● Cisco Secure Firewalls
● Cisco 3000 Series Industrial Security Appliances
● Cisco Secure Network Analytics
● Cisco Catalyst® Industrial Ethernet (IE) switches with NetFlow
● Deep packet inspection for IEC 61850, IEC 101/104, Modbus, Ethernet/IP, and Distributed Network Protocol 3 (DNP3)
“SCANA is continually modernizing our systems and our grid for increased reliability and to better protect against cyber threats. We look to our technology partners, such as Cisco, for digital technology to help comply with those regulations, stay safe, and effectively enable operational technology.”
Randy Senn,
SVP SCANA
Protecting the vulnerable touchpoints where people and their devices interact with the ICS/SCADA systems is critical to reduce threats from malware delivered over the web, email, and USB storage. Cisco offers the industry’s most advanced malware detection and prevention with:
● Cisco Secure Endpoint
● Cisco Talos® global threat intelligence
Time to Detect (TTD) and Time to Respond (TTR) will determine how long an attacker controls a compromised system and ultimately determines the impact of the attack. The capabilities offered for ICS/SCADA visibility and malware protection help dramatically decrease TTD and TTR, which limits the impact on production.
The cybersecurity capabilities offered in Cisco’s portfolio map directly to industrial cybersecurity standards such as:
● NERC CIP
● EU NIS
● ISA-99/IEC62443
● NIST
Core ICS and SCADA functions will likely remain on-premises for many years to come, but software for OEM and third-party data analytics and machine maintenance are moving to the cloud. Prepare the organization to adapt to these cloud models with confidence, using cloud security tools from Cisco:
● Cisco Umbrella®
● Cisco Cloudlock®
● Cisco Secure Network Analytics SaaS
Cisco has the infrastructure expertise, services, and strategic partnerships needed to:
● Secure business IT and operations
● Spur faster decision making
● Enable new business models without compromising reliability, security, or network response time
Contact your Cisco representative or learn more online at https://www.cisco.com/go/smartgrid