Utilities and NERC Compliance

Bit9 + Carbon Black enables utilities to monitor activity, lock down critical systems and achieve NERC compliance.

Stronger regulations and an increased focus on overall efficiency are putting increased pressure on public utilities to update and network their critical infrastructure systems. While these advances have tremendous potential for cost savings and efficiency improvements, they also bring new security risks that must be addressed.

As the cyber-security threat landscape changes, both in complexity and intent, critical infrastructure is becoming an increasingly popular target for advanced attacks and must be protected. With the rise of attacks like Stuxnet that targeted critical industrial infrastructure, to the increased scanning of utilities’ Internet-based systems by hackers looking for vulnerabilities, organizations that build and support the critical infrastructure must take proactive measures to ensure that the reliability and integrity of these systems is maintained.

As the leader in endpoint threat prevention, detection and response, Bit9 + Carbon Black can help utility companies deploy a policy-driven approach to critical infrastructure device security that achieves NERC compliance and will ensure the integrity of critical systems.

As SCADA and other critical infrastructure devices increasingly run commercially available software and have IP connectivity, it is essential that all utility companies have a strong and proven strategy in place to ensure the security and integrity of these critical endpoints and devices.

The Bit9 + Carbon Black Security Platform can help ensure the integrity of critical infrastructure by:

  • Preventing unauthorized software: Lock down critical systems by ensuring that all new software is validated and checked against an authorized list or approved by IT before executing.
  • Blocking unauthorized portable storage devices: Easily block USB drives, CDs, etc., ban or approve devices by type or serial number so only preauthorized devices can execute.
  • Auditing all software changes: Ensure compliance and determine accountability with a comprehensive audit trail of all application changes.

By stopping vulnerable and malicious applications and delivering configuration, change and process controls, Bit9 + Carbon Black can help you achieve NERC compliance by:

  • Proactively monitoring and controlling configurations
  • Preventing malware, targeted attacks and unauthorized applications
  • Detecting and monitoring all software changes
  • Controlling the use of removable storage devices and USBs
video
Video: Bit9 + Carbon Black Explained in Two Minutes

NERC CIP 5 Interactive Presentation

Use Now

Solution Brief:
Critical Infrastructure Control Systems

View Now

Data Sheet:
Bit9 Security Platform

View Now

Case Study:
Regional Electric Utility

View Now

Case Study:
Large Electric Utility

View Now
Bit9 + Carbon Black
DataXu