INTEGRITY When Life Depends On It
Securing Electricity Utilities from Cyber Attack
Electric utility leaders have been put on notice...
"[Cyber attacks] are national security threats that may be posed by foreign nations or others intent on attacking the United States through its electric grid," FERC Chairman Joseph Kelliher told a House subcommittee Sept. 11, 2008.
"Widespread disruption of electric service can quickly undermine our government, military readiness and economy and endanger the health and safety of millions of citizens," he said. "There may be a need to act quickly to protect the grid, to act in a manner where action is mandatory rather than voluntary and to protect security-sensitive information from public disclosure."
Hundreds of billions of dollars in assets. More than 200,000 miles of power lines. More than 800,000 megawatts of power. More than 300 million users in the US and Canada. An entire electric generation industry subject to attack by a single hacker working from anywhere in the world. It's not a matter of if, it's only a matter of when.
Sooner or later, cyber security strategies based on "pierce and patch" will result in:
- Executives not in compliance with Federal laws and facing fines and/or prison sentences
- Loss of electrical services
- Loss of value market capitalization, revenue, earnings
- Loss of customers
- Millions lost defending or settling class action lawsuits
- Millions of dollars spent on restoring service or refunding money to customers
- Customer health and medical emergencies, including death
- Widespread economic upheaval
- Widespread political and social upheaval
- Compromised national defense
A cyber security strategy based on "pierce and patch" is--
Unfathomable. Unacceptable. Untenable. Uneconomic.
And has largely been unfixable until now.
INTEGRITY the most secure and reliable software system ever developed can provide electric utilities with certified unbeatable cyber asset security. The National Information Assurance Partnership (NIAP) has awarded INTEGRITY a rating of EAL6+ High Robustness. No software system has ever come close to these ratings before INTEGRITY.
With INTEGRITY, mission-critical applications stay secure and customer data remains private, free from the possibility of intentional, hostile, well-funded, internal or external attack. And it's been certified not once, but multiple times.
"I still do not get the sense that we are addressing cybersecurity with the seriousness that it deserves. I think we could search far and wide and not find a more disorganized, ineffective response to an issue of national security of this import. If NERC doesn't start getting serious about national security, it may be time to find a new electric reliability organization." Congressman James Langevin, as quoted by PC World, May 21, 2008.
INTEGRITY helps electric utilities meet and exceed NERC's Critical Infrastructure Protection requirements.
- CIP-001-1 Sabotage Reporting - INTEGRITY eliminates the possibility of cyber sabotage.
- CIP-002 Critical Cyber Assets - INTEGRITY makes the risk assessment process simpler by eliminating the risk.
- CIP-003 Security Management Controls - INTEGRITY turns the minimum requirement into a "maximum" as the security management controls will be military-grade.
- CIP-004 Personnel and Training - INTEGRITY makes cyber awareness easy as access to and control of critical data are allowed based on a comprehensive policy strategy established by the electric utility.
- CIP-005 Electronic Security - INTEGRITY protects all the assets regardless of where they reside.
- CIP-006 Physical Security - INTEGRITY provides physical security planners with the added benefit of knowing the assets are secure from social hackers.
- CIP-007 Systems Security Management - INTEGRITY enables utilities to establish their own enterprise-wide and system-level protocols.
- CIP-008 Incident Reporting and Response Planning - INTEGRITY prevents any attack from getting out of the secure hypervisor involved. Attacks can be eliminated with a single click of a mouse.
- CIP-009 Recovery Plans - INTEGRITY ensures that critical cyber assets are always safe and always available from INTEGRITY-enabled data storage facilities should physical damage create the need to rebuild an electric utility command center.
Certified as secure and reliable for both military and non-military use as a result of the most rigorous testing and evaluation possible, INTEGRITY offers:
- True security
- Open communication is possible without risk to critical assets
- Mission critical assets and applications remain completely safe and secure
- Cost savings
- INTEGRITY Secure Consolidated Client (ISCC)
- Simultaneous support of legacy and mission critical applications
- Form flexibility
- Protect desktop PCs, servers, Thin-Client Workstations and even PDAs
- Open Standards
- Supports Windows and Linux
- Ability to create native POSIX applications
- Certified security and reliability no other operating system can offer this level of security and reliability and no other operating system has ever been certified to the levels of INTEGRITY
To learn more about how INTEGRITY Global Security can secure your electric utility, please call 805.882.2500, or send email