Managing cybersecurity threats for water districts

December 17th, 2018

Infrastructure systems, including water utilities, are constantly at risk from cyberattacks. Critical infrastructure systems make great targets because restoring them as soon as possible is always a higher priority than catching cybercriminals. A water utility that gets infected by ransomware doesn't have time to repair its IT and may be tempted to pay the ransom. That should never be an option.

For the past 10 years, utilities have used advanced communications technology such as Internet-of-Things (IoT) devices to provide better, safer, and more reliable services. However, these advancements also introduce many risks, particularly to cybersecurity.

In fact, according to USA Today, the US national power grid faced physical and digital attacks approximately once every four days in 2015. With the aggression and expertise of the US’s adversaries, imagine how great a threat the national power grid is facing right now. In testimony before Congress in 2014, National Security Agency Administrator Michael Rogers said that China and a few other countries can shut down the US power grid.

Water district security vulnerabilities

Undetected attacks can result in service interruptions, data theft, and infrastructure damage. For example, attacks on water supply and water quality infrastructure can result in disruption of water and wastewater services, which negatively impacts public health and the environment.

The problem is, automation exposes utilities to cyberattacks that don’t require hackers to be physically present. This increase in threat surface and points of vulnerability is due to:

  • Industrial control systems (ICS)
  • Supervisory control and data acquisition (SCADA) systems
  • Remote terminal units (RTUs)
  • Operational technology (OT), information technology (IT), and IoT devices

Most threats are still economically motivated, but old-fashioned vandalism remains a problem. Water utilities face huge risks, which means they need comprehensive, multi-layer solutions of both the IT and human variety.

How can water utilities respond to threats?

To reduce vulnerabilities from cyberattacks, utilities should identify systems that need to be protected, separate them into functional groups, implement layered defenses around each system, and control access into and between each group.

This includes building firewalls to limit the number of individuals with authorized access to networks, updating software on a regular basis, requiring strong passwords, and maintaining antivirus software. Additionally, water utilities need excellent offline security, such as employee training, physical security measures, and quarterly assessments.
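The grouping and access-control steps described above can be checked against observed traffic. The following is an added example, not from the original article: the asset names, zone names, allowed ports, and flow records are all constructed assumptions, and the audit flags any cross-group flow that no explicit rule permits.

```python
from typing import NamedTuple

# Constructed inventory: every asset is assigned to one functional group (zone).
ZONE_OF = {
    "billing-db": "IT",
    "eng-workstation": "IT",
    "historian": "DMZ",
    "scada-server": "SCADA",
    "rtu-pump-3": "FIELD",
    "rtu-reservoir-1": "FIELD",
    "flow-sensor-17": "IOT",
}

# Assumed conduits between zones: (source zone, destination zone, TCP port).
# Any cross-zone flow not listed here is treated as a violation (default deny).
ALLOWED = {
    ("SCADA", "FIELD", 502),   # SCADA polls RTUs (Modbus/TCP)
    ("SCADA", "DMZ", 443),     # SCADA pushes data to the historian
    ("IT", "DMZ", 443),        # IT reads reports from the historian
    ("IOT", "DMZ", 8883),      # sensors publish over MQTT/TLS
}

class Flow(NamedTuple):
    src: str
    dst: str
    port: int

def audit(flows):
    """Return (flow, reason) for every flow the zone policy does not permit."""
    findings = []
    for f in flows:
        src_zone, dst_zone = ZONE_OF.get(f.src), ZONE_OF.get(f.dst)
        if src_zone is None or dst_zone is None:
            # An asset missing from the inventory cannot be placed in a group.
            findings.append((f, "unidentified asset"))
        elif src_zone != dst_zone and (src_zone, dst_zone, f.port) not in ALLOWED:
            findings.append((f, f"no conduit {src_zone}->{dst_zone}:{f.port}"))
    return findings

# Constructed flow records, standing in for a firewall or NetFlow export.
SAMPLE_FLOWS = [
    Flow("scada-server", "rtu-pump-3", 502),
    Flow("eng-workstation", "historian", 443),
    Flow("eng-workstation", "rtu-pump-3", 502),   # IT reaching the field directly
    Flow("flow-sensor-17", "scada-server", 502),  # IoT device talking to SCADA
    Flow("vendor-laptop", "scada-server", 3389),  # not in the inventory
    Flow("rtu-pump-3", "rtu-reservoir-1", 502),   # same zone: not checked here
]

if __name__ == "__main__":
    for flow, reason in audit(SAMPLE_FLOWS):
        print(f"DENY {flow.src} -> {flow.dst}:{flow.port} ({reason})")
```

Traffic within a single group is deliberately left out of this check; restricting it would need per-asset rules on top of the zone policy.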

Vulnerability and penetration testing should also be carried out to identify weaknesses in IT systems so your business can fix them before attackers take advantage of them. A penetration test is a great way to simulate the different ways that your network can be physically or digitally broken into so you can prepare your staff. Since cybersecurity is constantly evolving, every penetration test should reveal new vulnerabilities that you must fix as soon as possible.

Go the extra mile with SIEM and SOC

You should also implement security information and event management (SIEM) to monitor for and alert administrators to unusual system activity, potential breaches, malware attacks, and noncompliant or unsafe practices. SIEM can also log additional information and instruct security controls to stop the unusual activity’s progress.

Event monitoring can also be used to monitor specific details of user activity (events) in your organization. This way, you can scrutinize individual events or track trends to quickly identify abnormal activity and secure your company’s data.

Lastly, you should build a security operations center (SOC) to monitor and analyze your company’s security posture on a consistent, real-time basis. The goal of an SOC is to detect, analyze, and respond to cybersecurity incidents using various technology solutions and processes. In fact, SOC staff are obligated to work closely with response teams to ensure that issues are discovered and addressed quickly.

Hiring an MSP to handle cybersecurity

Employing the solutions mentioned will secure your network, but it takes a lot of effort to manage, and the best solution is partnering with a managed IT services provider (MSP). They’re a low-cost, high-gain investment. You can acquire all the cybersecurity solutions mentioned above from a single provider. All you need is an MSP and you get all the cybersecurity solutions and services water utilities need for a single, low-cost, monthly fee.

MSPs take a holistic approach to solving IT issues. They give you comprehensive protection by bundling everything from software management and perimeter security to proactive maintenance and staff training. Employees should be your first line of defense when it comes to cybersecurity. MSPs such as Forum Infotech provide a Spring Education Series to help your staff learn more about IT issues such as ransomware, phishing, and the dark web, to name a few.

IT services providers that focus on a vertical industry stand out from their peers by understanding the unique requirements of water districts and then architecting a cybersecurity strategy. Because of our expertise in water districts, we understand their workflow. Forum Infotech has been in the business for 13 years and we take our clients’ cybersecurity seriously. You can watch our clients’ testimonials to better understand how deeply we engage our clients.

Your MSP should also perform comprehensive vulnerability assessments and penetration tests to highlight weaknesses and offer resolution support to water utilities. That way, they can recommend appropriate security technologies that meet your needs and budget.

Are you looking for a managed IT services provider in Corona to handle your utility’s cybersecurity? Partner with us and we’ll take care of your IT needs. We provide IT services for small- and medium-sized businesses based in Riverside, Orange County, Los Angeles, and Corona. Contact us today.