Strengthening small utilities: The power of public-private partnership

134682_Public_Sector-3.jpg

In the wake of recent cyber attacks against US water utilities, the vulnerability of local entities dependent on operational technology (OT) has been starkly highlighted. This danger was further emphasized last week when Congress held a hearing titled Securing Operational Technology: A Deep Dive into the Water Sector. Witnesses at the hearing painted a stark picture of the significant cybersecurity risks facing small utility companies today.

The expanding threat landscape

The vulnerability of small utilities to cyber threats is not a new revelation; however, the focused, state-sponsored nature of recent attacks brings heightened concerns. There are approximately 150,000 public water systems and 16,000 publicly owned wastewater systems in the US, the majority of which serve smaller populations. These systems face unique challenges such as limited budgets and personnel, lack of onsite security, and limited forensic expertise.

Enhanced OT security: A call to action

The urgency for robust OT security measures is becoming a familiar cry among cybersecurity and federal officials in the US, emphasizing the need for fundamental security measures and better information sharing. Last month, the Cybersecurity Infrastructure Security Agency (CISA) released a 27-page Cyber Incident Guide for incident response best practices and information on federal resources. In addition, it recommends practicing good cyber hygiene, such as removing public-facing assets from internet exposure, changing default passwords, and adhering to cybersecurity performance goals as outlined by CISA. These are critical steps in mitigating the risk of cyber attacks on the nation’s critical infrastructure.

The imperative of government and industry collaboration

The collaboration between government bodies such as CISA and the Environmental Protection Agency (EPA), alongside industry organizations, should continue to play a central role in supporting these at-risk utilities. Government-run initiatives, such as CISA’s free security scanning for water utilities and the facilitation of statewide tabletop exercises, are instrumental in preparing for potential cyber threats. However, public-private partnerships will also be essential to protecting these vulnerable utilities.

Strengthening cyber defenses through the Community Defense Program

The Dragos Community Defense Program, supported by Elastic®, stands out as a prime example of how collaboration and resource sharing can significantly bolster the cybersecurity defenses of small utilities. Dragos has partnered with Elastic to use Elasticsearch to provide the scale needed to deliver the Dragos Platform as a free offering. Elasticsearch® serves as the primary log storage and query engine within the Dragos platform, enabling users with full-text search capabilities across months of stored security logs. By offering free access to advanced OT cybersecurity tools and training, this initiative aims to alleviate resource strain, empowering small utilities to develop robust OT cybersecurity programs capable of defending against sophisticated cyberattacks.

A unified front against cyber threats

As we navigate the increasingly complex cyber threat landscape, the unified efforts of government agencies, industry partners, cybersecurity firms like Dragos, and search analytics firms such as Elastic are vital in safeguarding our critical infrastructure. The Community Defense Program is a testament to the proactive measures necessary to ensure the resilience of small utilities against cyber threats, thereby securing the essential services they provide to our communities. Together, we can strive for a future where our critical infrastructure remains secure and resilient against the cyber threats of today and tomorrow.

Learn more about protecting citizens, data, and IP in the ebook Cybersecurity for public sector.

The release and timing of any features or functionality described in this post remain at Elastic's sole discretion. Any features or functionality not currently available may not be delivered on time or at all.