a steven briggs story - sans institute · a steven briggs story. power operations cyber security...
TRANSCRIPT
A Steven Briggs Story
Power Operations Cyber Security Risk Profile• Nation States Highly Skilled Hackers
• Insider Threats Trusted VendorsAttackers
• Establishing external connectivity Compromised machine
• Removable Media Combined physical and cyber Means
• Destroy capabilities Degrade capabilities
• Publicity Customer impactMotive
• Insider Threat Outside Connections Process Failures
• Unstaffed sites VisitorsOpportunity
• Cause loss of life Damage our assets Security protections gap Impacts reputation Difficult to regain control Regulatory failureBusiness Impact
MitigationsLimited External Connections Security Conscious Staff Engaged System Owners
Regulatory Controls Security Monitoring Service Security Assessments
Physical Security Protections Diversity in hardware/software Customized configurationDocumented repeatable processes Built in security checks and balances Fear
Define
Identify / Locate
Classify
Document
Protect
Review
Power Operations Data Protection Process
Automating your reoccurring items
Plants will work with out computers
Computer Remote Analysis Programs
Learn the system geography and site importance
http://emilygrubert.org/wp-content/uploads/2019/01/eia_860_2017_map_upload.html
Learn the network configuration
Develop a long term plan
Bring your knowledge of helpful IT appsRules!
• The current process works.
• Technology doesn’t always work given the conditions in the field.
• Understand the business function that is going on before you suggest tech.
• Approach in a supportive manner.
Go back and tell your friends
Information Technology
Respond politely when IT wants to come in to OT and provide additional services
that you didn’t ask for.
Gathering Support From other business units Throwing their systems and services out of your environment
Questions
Steven BriggsSenior Program Manager I&C systems Generation Cyber SecurityTennessee Valley Authority• E-mail: [email protected]• Twitter: @tnvolsfan29