The energy sector is facing increased threats to the national grid from state-sponsored organizations. In 2018, for example, the U.S. publicly accused Russia of conducting a coordinated campaign of cyber intrusions into the U.S. power grid. By nature, the inherent concept of Collective Defense appeals to many energy companies, because they already have adopted a similar collaborative approach through the concept of “mutual aid,” in which energy companies collaborate to manage the aftermath of extreme weather events.
Perhaps even more threatening than extreme weather are the risks posed by network cyber attacks, which can disable entire power grids with one piece of malware. Energy companies have begun to look to Collective Defense as a way to expand the concept of collaboration to network security to protect the grid at large from cyber attacks.
One such energy company, an urban-based provider that serves 11 million customers in a large metropolitan area of the U.S., adopted this Collective Defense approach for cybersecurity early on. This company cites cybersecurity as its top enterprise risk, because the location of its service area makes it a target for nation-states, hackers, and criminal organizations.
Although the company has had a robust cybersecurity program for more than a decade — covering people, process and tools — what was missing was the ability to analyze activity across the network. The company called on IronNet because of the breadth of what it does, including its Network Detection and Response solution for applying machine learning to known threats and identifying where the company is at risk.
.png)
