Schweitzer Engineering Laboratories (SEL) has introduced system-hardening solutions that improve the security of electric power protection and control systems.
System-hardening solutions implement layers of defense that work together to reduce the “attack surface” of the system.
“We provide a solution that is the cyber equivalent of designing a bunker to resist bombardment while allowing friendly forces to come and go safely,” said Frank Harrill, SEL Vice President of Security. “As the threat landscape continues to evolve, these system-hardening solutions and services will enable us to better help customers manage the security profile of their systems long-term.”
With this solution, Cyber Services assesses the system against the NIST cybersecurity framework and identifies security gaps and then develops a phased plan to remediate the risks based on severity.
The team follows engineering processes that consider industry standards, such as CIS (Centre for Internet Security) and STIG (Security Technical Implementation Guides) configuration guidelines, as well as equipment vendor guidelines and regulation compliance.
Throughout the process, SEL engineers ensure that the system is not only secure, but also continues to perform its essential functions reliably.
The complete SEL system-hardening solution includes:
- Assessing the infrastructure, such as servers, applications software, operating systems, databases, firmware versions, and network devices.
- Remediation actions, such as removing unnecessary software; disabling unnecessary ports and services; and configuring servers, firewalls, routers, ports, switches, BIOS, and default credentials.
- Creating a security profile by establishing a system baseline.
- Reviewing and establishing continuous change control procedures.
- Periodic scheduled assessments of the state of the system.
To learn more about our cybersecurity services, contact the SEL Cyber Services team.