Welcome!

News Feed Item

Booz Allen Helps Utilities Update Cybersecurity Standards and Strengthen Performance

When the North American Electric Reliability Corporation (NERC) signed Order 791 in January 2014, more than 400 utilities suddenly faced a tight timetable to plan for and comply with version 5 of the Critical Infrastructure Protection (CIP) cybersecurity standards.

The reason for the change is clear and timely: A report from the Department of Homeland Security’s Cyber Emergency Response Team disclosed that the energy industry faced more cyberattacks between October 2012 and May 2013 than any other sector.

Booz Allen understands that for utilities to achieve compliance, it takes a specialized strategy. Before utility organizations embark on addressing the new regulations, Booz Allen offers the following best practices for information security executives to consider on their journey to NERC-CIP version 5 compliance:

      1.   Conduct a cybersecurity strategic simulation that will enable a utility to identify security gaps, prioritize assets, and identify areas for improvement – without the consequences of an actual cybersecurity incident or an audit. The controlled environment of a simulation allows participants to safely explore real-world situations, resulting in improved communication, coordination and the identification of any gaps in existing response plans.
 
2. Develop a strategic plan that positions the utility to manage future threats as well as standards. Implementing best practices from the start can serve as a footprint for success, allowing utilities to leverage existing investments in people, processes and technology that ultimately prevent them from overspending.
 
3. Pursue a knowledge management system that will ensure business continuity for today and the future. The aging workforce presents a major industry challenge: an exodus of institutional and technological “know how” that could hamper a company’s ability to continue its mission effectively. It is important to establish a team that understands the regulatory environment, threats, and overall enterprise.
 
4. Implement an internal program to address employee cyber “hygiene” and the potential for insider threats. Ultimately, all staff within an organization can pose as a cyber threat – either accidental or intentional. These challenges can no longer be the sole responsibility of IT. Utilities should communicate to all employees the significance of being cyber risk aware, and knowing what to do when a concern arises.
 
5. Acknowledge and understand the difference between compliance and security. Keeping up with standards will help utilities avoid legal exposure, fines, and the like. But that does not necessarily make a utility company more secure – there is no silver bullet formula for security. Rather, cybersecurity is intimately tied to a utility’s business strategy and operations, and must be customized to the organization.

“Utilities will continue to face the challenge of balancing strong cyber risk management and constantly evolving regulation,” said David Cronin, principal, Booz Allen Hamilton. “Going from NERC-CIP version 3 to the version 5 requires a partner that knows not only the rules, but just as an importantly, has deep industry experience to recognize the diverse needs of utility companies – all while minimizing cost and leveraging existing investments, where possible,” Cronin added.

About Booz Allen Hamilton

Booz Allen Hamilton has been at the forefront of strategy and technology consulting for 100 years. Today, the firm provides business and technology solutions to major corporations in the financial services, heath, and energy markets, leveraging capabilities and expertise developed over decades of helping US government clients in the defense, intelligence, and civil markets solve their toughest problems. Booz Allen is headquartered in McLean, Virginia, employs approximately 23,000 people, and had revenue of $5.76 billion for the 12 months ended March 31, 2013. In 2014, Booz Allen celebrates its 100th anniversary year. To learn more, visit www.boozallen.com. (NYSE: BAH)

BAHPR-GI

More Stories By Business Wire

Copyright © 2009 Business Wire. All rights reserved. Republication or redistribution of Business Wire content is expressly prohibited without the prior written consent of Business Wire. Business Wire shall not be liable for any errors or delays in the content, or for any actions taken in reliance thereon.

Latest Stories
Enterprises have taken advantage of IoT to achieve important revenue and cost advantages. What is less apparent is how incumbent enterprises operating at scale have, following success with IoT, built analytic, operations management and software development capabilities - ranging from autonomous vehicles to manageable robotics installations. They have embraced these capabilities as if they were Silicon Valley startups.
DXWorldEXPO LLC announced today that Telecom Reseller has been named "Media Sponsor" of CloudEXPO | DXWorldEXPO 2018 New York, which will take place on November 11-13, 2018 in New York City, NY. Telecom Reseller reports on Unified Communications, UCaaS, BPaaS for enterprise and SMBs. They report extensively on both customer premises based solutions such as IP-PBX as well as cloud based and hosted platforms.
Wooed by the promise of faster innovation, lower TCO, and greater agility, businesses of every shape and size have embraced the cloud at every layer of the IT stack – from apps to file sharing to infrastructure. The typical organization currently uses more than a dozen sanctioned cloud apps and will shift more than half of all workloads to the cloud by 2018. Such cloud investments have delivered measurable benefits. But they’ve also resulted in some unintended side-effects: complexity and risk. ...
By 2021, 500 million sensors are set to be deployed worldwide, nearly 40x as many as exist today. In order to scale fast and keep pace with industry growth, the team at Unacast turned to the public cloud to build the world's largest location data platform with optimal scalability, minimal DevOps, and maximum flexibility. Drawing from his experience with the Google Cloud Platform, VP of Engineering Andreas Heim will speak to the architecture of Unacast's platform and developer-focused processes.
In his keynote at 18th Cloud Expo, Andrew Keys, Co-Founder of ConsenSys Enterprise, will provide an overview of the evolution of the Internet and the Database and the future of their combination – the Blockchain. Andrew Keys is Co-Founder of ConsenSys Enterprise. He comes to ConsenSys Enterprise with capital markets, technology and entrepreneurial experience. Previously, he worked for UBS investment bank in equities analysis. Later, he was responsible for the creation and distribution of life ...
"I think DevOps is now a rambunctious teenager – it’s starting to get a mind of its own, wanting to get its own things but it still needs some adult supervision," explained Thomas Hooker, VP of marketing at CollabNet, in this SYS-CON.tv interview at DevOps Summit at 20th Cloud Expo, held June 6-8, 2017, at the Javits Center in New York City, NY.
"We are still a relatively small software house and we are focusing on certain industries like FinTech, med tech, energy and utilities. We help our customers with their digital transformation," noted Piotr Stawinski, Founder and CEO of EARP Integration, in this SYS-CON.tv interview at 20th Cloud Expo, held June 6-8, 2017, at the Javits Center in New York City, NY.
Chris Matthieu is the President & CEO of Computes, inc. He brings 30 years of experience in development and launches of disruptive technologies to create new market opportunities as well as enhance enterprise product portfolios with emerging technologies. His most recent venture was Octoblu, a cross-protocol Internet of Things (IoT) mesh network platform, acquired by Citrix. Prior to co-founding Octoblu, Chris was founder of Nodester, an open-source Node.JS PaaS which was acquired by AppFog and ...
The Founder of NostaLab and a member of the Google Health Advisory Board, John is a unique combination of strategic thinker, marketer and entrepreneur. His career was built on the "science of advertising" combining strategy, creativity and marketing for industry-leading results. Combined with his ability to communicate complicated scientific concepts in a way that consumers and scientists alike can appreciate, John is a sought-after speaker for conferences on the forefront of healthcare science,...
"We focus on SAP workloads because they are among the most powerful but somewhat challenging workloads out there to take into public cloud," explained Swen Conrad, CEO of Ocean9, Inc., in this SYS-CON.tv interview at 20th Cloud Expo, held June 6-8, 2017, at the Javits Center in New York City, NY.
"The Striim platform is a full end-to-end streaming integration and analytics platform that is middleware that covers a lot of different use cases," explained Steve Wilkes, Founder and CTO at Striim, in this SYS-CON.tv interview at 20th Cloud Expo, held June 6-8, 2017, at the Javits Center in New York City, NY.
The deluge of IoT sensor data collected from connected devices and the powerful AI required to make that data actionable are giving rise to a hybrid ecosystem in which cloud, on-prem and edge processes become interweaved. Attendees will learn how emerging composable infrastructure solutions deliver the adaptive architecture needed to manage this new data reality. Machine learning algorithms can better anticipate data storms and automate resources to support surges, including fully scalable GPU-c...
Predicting the future has never been more challenging - not because of the lack of data but because of the flood of ungoverned and risk laden information. Microsoft states that 2.5 exabytes of data are created every day. Expectations and reliance on data are being pushed to the limits, as demands around hybrid options continue to grow.
Your job is mostly boring. Many of the IT operations tasks you perform on a day-to-day basis are repetitive and dull. Utilizing automation can improve your work life, automating away the drudgery and embracing the passion for technology that got you started in the first place. In this presentation, I'll talk about what automation is, and how to approach implementing it in the context of IT Operations. Ned will discuss keys to success in the long term and include practical real-world examples. Ge...
Dion Hinchcliffe is an internationally recognized digital expert, bestselling book author, frequent keynote speaker, analyst, futurist, and transformation expert based in Washington, DC. He is currently Chief Strategy Officer at the industry-leading digital strategy and online community solutions firm, 7Summits.