A New Approach to Intelligent Situational Awareness and Incident Response
Guest Post by Jasvir Gill, CEO, AlertEnterprise
With energy theft and copper theft on the rise, utilities today are seeking innovative, cost-effective ways to deal with the challenge of monitoring unmanned and partially manned assets such as remote substations, control rooms and storage facilities.
A U.S. Department of Energy report released in August 2011 cited an investigation that found that up to 30,000 pounds of copper were stolen by Department contract employees at a facility that is locked after hours and has access controls in place. In this case, like many others, detection of the insider threat came after the incident had occurred and the associated damage had already been done.
Much of our focus as organizations is on countering external threats. Unbeknownst to many, the insider threat poses the risk of greater damage to our critical infrastructure, including our physical, logical and security systems. Insiders have privileged access to critical company assets, knowledge of confidential information, and the inside scoop on a company’s vulnerabilities.
There is an unsurprising trend in the utility industry among entities that rely mostly on manual detection of threats to substations. Most often, the vulnerabilities that arise in a substation environment are due to the lack of an automated monitoring system. Rather than deal with the repercussions of NERC-imposed fines or tarnished reputations after an incident has occurred, many utilities across North America are securing their physical security perimeters through security convergence technology. Security convergence technology delivers solutions for continuous monitoring of remote substations, control rooms and storage facilities. It turns out that true prevention of threats, including insider and external threats related to fraud, theft, acts of sabotage and terrorism, involves more than just managing IT or physical security; it also includes the ability to actively monitor and promptly respond to any real or perceived issues.
For instance, a top-ten utility has deployed this convergence technology to resolve challenges in access management, including contractor access to applications that was typically tracked manually, and to allow for automated access detection and documentation of access patterns and attempts. Establishing a single integrated system with oversight over multiple departments and systems is key to obtaining a full enterprise view of risk, because it eliminates silos and provides single-dashboard views that ease access management for remote substations and facilities. Combined with this convergence technology is the capability for effective incident management and response through Situational Awareness.
Through convergence software, energy sector organizations can immediately enhance the protection of high-value business processes, critical infrastructure installations, defense and intelligence applications, and legacy applications where it is important to monitor who has access to critical applications and what they are doing with that access.
About Jasvir Gill and AlertEnterprise
Based in Silicon Valley, AlertEnterprise delivers next generation GRC, Identity Intelligence and Enterprise Access Management software specifically designed to prevent fraud, theft and acts of sabotage. AlertEnterprise delivers a unifying business layer that leverages existing IT systems, physical access systems and applications allowing organizations to manage security, risk and compliance for business applications, eliminate insider threat, and protect critical infrastructure.
Jasvir Gill brings more than 20 years of experience in security, compliance and access management to his role as the Founder and CEO of AlertEnterprise. Prior to AlertEnterprise, Jasvir was the Founder and CEO of application security company Virsa Systems, where he led the design of the Virsa Continuous Compliance Suite. Virsa Systems was acquired by SAP in a deal valued at $400 million. In 2007, Jasvir left SAP to establish AlertEnterprise and implement his vision to deliver the next generation of security applications.