Green Energy

Solutions

Green Energy

Green Energy

Recent security breaches in the Energy sector show how important to have a fast clear track of implementing security. The Energy sector is vulnerable due to high strict requirements before connecting anything to the grid. Compliance regulations like NERC CIP come with lots, lots of audits.

An Easy Sector to be exposed

The Energy sector can be considered to be easy to attack for 3 important reasons:

  • It has lost of legacy. Most of the system in these environments has lost of legacy operating systems. Server landscapes are pretty open. SCADA systems often are sending data directly to hosted VMs in the Data Center or cloud
  • IoT – Internet of things bring the attack vector to the next level. Those devices can speak to any device and any given point in any location on-premises data centre, cloud-hosted VMs
  • Lateral move – The Energy sector use complex systems to monitor their infrastructure and those systems have access to almost everything in the companies’ assets. Monitoring systems and general IT systems are highly valued by hackers. Example of this SolarWinds hack a.k.a SUNBURST

AutoNSX Solution to shutdown SolarWinds SUNBURST

If the Energy Provider or producer runs non – segmented applications, the implementation of micro-segmentation is too complex involving multiple moving parts and constantly changing environment, as with the example of SolarWinds hack, then the entire grid can be under high-security risk. The provider could also be subject to NERC SIP compliance violations and breach fines, in case of breaches.

Accordingly, the energy sector is looking at AutoNSX Solution to improve the productivity of a short-staffed security team, deliver governance and ultimately micro-segment their application running in the data centre or cloud, including the ability to:

  • Provide detailed reports on segmented applications
  • Provide correlations between application flows and firewall policies
  • Provide visibility on the objects that are changed
  • Follow change management process
  • Simplify change management process on the firewall in datacenter/cloud
  • True Application Owner visibility of the implemented rules in the firewall