Working towards cyber security
Cyber Security is the application of technologies, processes and controls to protect systems, networks, programs, devices, data, and other platforms from cyber-attacks. It is implementing security measures to provide protection from disruption, misdirection, and destruction from cyber-attacks. It also aims to reduce and protect networks, technologies, data, etc., from unauthorized exploitation.
Prairie Energy Cooperative is endlessly involved in cyber security in both informational technology (IT) and operational technology (OT). In our IT world, it includes protecting devices, having strong passwords, controlling physical access to hardware, protecting against harm that may come via network access due to malpractice by end-users, whether intentional, accidental, or due to end-users being tricked into deviating from secure procedures, as well as operational technological (OT) platforms, e.g., SCADA, outage management, AMI (metering) systems, mapping, etc.
Cyber Security is growing more important due to the increasing reliance on computer systems in most societies and the growth of "smart" devices, including Smartphone’s, televisions and tiny devices as part of the Internet of Things (IoT) and wireless network such as Bluetooth and Wi-Fi.
In cyber security, a countermeasure is an action, device, procedure, or technique that reduces a threat, vulnerability, or an attack by eliminating or preventing it, by minimizing the harm it can cause, or by discovering and reporting it so that corrective action (s) can be taken. It is the conceptual idea to use threat prevention, detections and response. These ideas are based on policies (system coded and written) and system components. Listed below are a few examples that Prairie Energy is always trying to eliminate or reduce attacks or threats as best as we can:
- Protecting the cooperative from ransomware and other malware.
- Protecting the cooperative from phishing attacks.
- Quickly identifying the existence of cybersecurity breaches.
- Establishing secure relationships with partners/third-party providers that are responsible for IT and OT services.
- Strengthening our cooperative’s cybersecurity posture and resilience.
- Providing cybersecurity training to employees and directors.
- Prioritizing incident responses and cybersecurity mitigation measures.
- Protecting Sensitive Data (Members, Employees, Directors, Vendors, Contractors, etc.)
- Increase reliability of services by reducing or eliminating threats, vulnerable areas and virus attacks.
In December 2020, Prairie Energy participated in our national association’s (NRECA) RC3 Cyber Security Self-Assessment that will help build on our cyber program. Categories that are vital to having a good cyber security program are as follows:
- Identify: Identify the sensitive data, assets, and operations our entire electric cooperative manages. This includes data, assets, and operations handled by our employees and partners/third-party providers.
- Protect: Determine how to protect the sensitive data, assets, and operations our entire electric cooperative manages. This includes data, assets, and operations handled by our employees and partners/third-party providers.
- Detect: Determine how to discover attempted and ongoing cyberattacks in our electric cooperative.
- Respond: Determine what procedures to follow when a cybersecurity incident or natural disaster impacts our operational and/or sensitive cyber assets.
- Recover: Determine what actions to take to bring our electric cooperative into an operational state after a cybersecurity incident or natural disaster impacts our operational and/or sensitive cyber assets.
Lastly, we are all vulnerable from cyber-attacks at any time. Hackers are vigilant so we have to be alert as well. Cyber security is ever evolving, and we all need to be cognizant that something will happen, and we need to be prepared as best as we can from attacks. Prairie Energy will continue to monitor and enhance our cyber security program as well as keep you informed.