Dependence on the Grid

With an estimated 3,300 electric companies operating in the United States, and around 200 providing power to the most users, protecting vital commodities and services such as power, natural gas and water is of critical importance. Any disruption to these services could cause intense economic, health and environmental damage.

“RESPONDING TO THREATS AT THE DISTRIBUTION LEVEL REQUIRES COORDINATED, DEDICATED ACTION AND CONSISTENT, ANNUAL INVESTMENT TO STRENGTHEN OUR DEFENSIVE EDGE. EVERY UTILITY, REGARDLESS OF SIZE, MUST IMPROVE ITS CYBERSECURITY POSTURE.”

Mark James, Assistant Professor and Senior Research Fellow at Vermont Law School’s Institute for Energy and the Environment, and Richard Mroz, Senior Advisor, State and Government Relations, for Protect Our Power

Continuous Threats

Every day, there are more reports on emerging cybersecurity threats. According to a recent publication in UtilityDive, there is a continuous threat of cyberattacks targeted at our nation’s electric grid. Addressing these complex threats and vulnerabilities will require a series of well-coordinated efforts, financial investments and continuous monitoring.

Case Study: LBMC Technology Solutions Helps Utility Company Fortify Cybersecurity Defenses

Executives and other employees at a large utility company were struggling to get their work done because of repeated problems with the company’s aging network infrastructure. It wasn’t just that employee productivity was down—it was that the company was vulnerable to security threats and unable to fulfill its mission of serving the community by delivering clean water and other essential services in a timely and reliable manner.

Situation

The utility company had installed its network equipment, including Fortinet firewalls, many years ago and the equipment was beginning to show its age, resulting in productivity issues and security vulnerabilities.

VPN connections would drop at unpredictable times, largely due to the company’s firewalls, leaving branch offices unable to communicate with or access information in the main office. The firewalls were also blocking internal IP addresses at random times, seemingly for no reason. That meant, for instance, that an employee working on a monitoring system might suddenly be locked out of network access for an indeterminable amount of time. Executives were likewise affected—dropped off the network without warning, at any time. 

Security was also a significant concern, as it is for all utility companies. In a recent KPMG CEO report, almost half of the power and utility CEOs surveyed indicated that they believe a cyberattack on their company is inevitable—and 42% said they did not feel prepared to identify a cybersecurity threat.[1]

 

– 2018 KPMG CEO Outlook: Power & Utilities 

With its network equipment out of warranty, the utility company felt vulnerable to attack. The company had not been implementing security updates, and although an intrusion detection system was in place, the system was overwhelming the firewalls and thus not protecting the company from cyberattacks.

Solution

The utility company recognized that it needed to upgrade its infrastructure to support high availability with more reliable VPN connections. In addition, the company needed to strengthen its overall security posture, including improving its threat detection capabilities.

To accomplish both goals, the company collaborated with the network engineering team at LBMC Technology Solutions. LBMC’s network engineering team performed an on-site technology audit, discussed high-level challenges with the company, and listened to the company’s specific concerns around existing hardware, warranties, and related technologies.

Ultimately, the utility company chose to implement a WatchGuard Firebox M370 firewall in its main office, as well as two T55 firewalls and two T70 firewalls in other locations. The Firebox security platform is designed for small and midsize businesses, providing a suite of unified security controls, including intrusion and ransomware prevention. In addition, the company could take advantage of the included WatchGuard Dimension, which provides real-time monitoring and reporting.

Because of its deep concerns about rising security risks, the utility company also chose to implement the WatchGuard Total Security Suite, available as an upgrade with the purchase of the Firebox platform. The Total Security Suite includes, among other features, AI-enhanced advanced malware protection, DNS-level protection, enhanced network visibility capabilities, 24/7 support, and the ability to take action against threats from the Dimension network visibility platform.

“With every client, large and small, we work hard to ensure we’re implementing the right security solution,” said Robert Powell, Manager of Network Engineering at LBMC Technology Solutions. “Our engineers go on-site to understand the whole story—both what’s going on from a technology perspective and what the business needs. In this case, we needed to solve both their productivity and security issues.”

Benefits

Since implementing WatchGuard’s Total Security Suite and Firebox firewalls, the utility company has been able to increase network availability, improve employee productivity, and serve the community and its customers more effectively.

Improved VPN connectivity and reliability

WatchGuard’s up-to-date VPN options provide strong encryption on VPN tunnels and services to help monitor VPN connections, so the company knows when it needs to take action. WatchGuard firewalls also have failover VPN options, so they can connect to another internet connection automatically if the existing one is overwhelmed.

Better insight into network traffic

WatchGuard’s Firebox firewalls have built-in tools, such as Traffic Monitor and Host Watch, that give the company a more in-depth view of its traffic flow. Issues—such as a single computer throttling bandwidth for the entire company—can be pinpointed and removed quickly.

High availability

High network availability was essential for the utility company. The WatchGuard firewalls have high availability built in, so the company simply had to set it up to ensure it would have firewalls on standby in case issues arose.

Layered security

WatchGuard’s Total Security Suite offers a host of subscription services, from Gateway Antivirus to Botnet Detection. Because the utility company is large, has multiple attack areas, and depends on high availability, they sought a layered, defense-in-depth solution—which simply required enabling all the features in the Total Security Suite.

Among the company’s most valuable defenses is Intrusion Protection, which helps the firewall recognize when it could be under a DDoS or similar attack, so it can quickly respond and prevent network disruption. Another key feature in Total Security Suite is Reputation Enabled Defense (RED), which helps the firewall track potential network attacks, notifying the firewall immediately to trigger further action.