Utilities Security and Compliance Solutions

Security Ensures that Online Applications Deliver Efficiency

Inadequate security can handicap the day-to-day operations of a utility. From automated meter reading (AMR) to customer record management and online bill pay, availability and security are essential. As more customers migrate to the use of online services, utilities have the added risk and responsibility of protecting sensitive personal financial information from falling into the wrong hands.

The Security Landscape for Utilities

Attacks are changing from public acts of defiance to organized theft by well-funded crime rings. This means that hackers are operating under the radar and are targeting specific organizations rather than launching broad-based attacks. Using automated reconnaissance, hackers find companies that are more vulnerable than others. Then hackers focus on organizations housing identity data, resources, or infrastructure that is of interest to them to obtain or damage. The window for effective response to targeted attacks has become very small and requires sophisticated "hand to hand combat" with savvy attackers.

Using SecureWorks to Extend Your Security Team

SecureWorks has a 24x7 staff of security experts who are exclusively focused on researching the security landscape, analyzing information that we see from our 2,900 clients, and rapidly implementing countermeasures, such as intrusion prevention signatures and updates to policies, rule sets, and configurations. We are watching your network 24 hours a day, seven days a week with certified security analysts. We are using the most sophisticated tools available to detect and prevent attacks anywhere in your environment. In addition, our Security Operations Center is available to you around the clock to provide consultation to further your understanding of your security environment.

Compliance

SecureWorks provides comprehensive compliance reporting that makes it easy for you to map regulations to controls and ultimately to evidence of executing those controls. We use key metrics in our database to support controls with real information about when security reports were reviewed, when changes were made, how often you were attacked, etc. Our reports have been used successfully by organizations to pass thousands of audits since SecureWorks was founded.

CIP Standards Finalized

A Ballot Pool approved standards CIP-002-1 through CIP-009-1 on March 24 and approved them for adoption by the NERC Board of Trustees on May 2, 2006. The standards became effective on June 1, 2006. To provide time for Responsible Entities to examine their policies and procedures, to assemble the necessary documentation, and to meet the requirements of these standards, compliance assessment will began in 2007.

SecureWorks' Security Services can help you in many areas of CIP Compliance.

• Comply with government and industry regulations issued by ERO, DHS, NERC, and FERC
• Proactively manage your risks of network outages by preventing malicious viruses, hackers and DdoS attacks
• Avoid costly network outages and disruption of services
• Safeguard sensitive customer information
• Realize greater return on investment and lower total cost of management from a comprehensive outsourced security solution

How SecureWorks Can Help You Comply with CIP

• SecureWorks Services and CIP Compliance

Services for Utilities

• Security Management Services
• Security Monitoring Services
• Self-Service Security
• Professional Services

Resources

• NERC CIP Standards (pdf)