Columbia Power and Water Systems has adopted N-Sentinel Monitoring and N-Sentinel Vulnerability Assessment to protect corporate, SCADA and AMI networks. The two N-Sentinel services help CPWS reduce risk from cyber threats and vulnerabilities through timely awareness and insights into cybersecurity issues along with specific steps the utility can take to address them.
CPWS is a Tennessee-based municipal utility delivering power, water, telecommunications, and cable services to 26,000 homes and businesses within the City of Columbia and Maury County. The utility is committed to providing reliable utility services at reasonable rates, as well as actively supporting the local community. When their network consultant closed shop last year, they took a step back to assess how to protect themselves from cyber risks going forward. The utility already had firewalls and other security devices in place but they wanted to find a solution that provided them the security insights and intelligence they needed without adding additional work load to their already taxed IT staff. N-Dimension’s comprehensive managed cybersecurity services for utilities uniquely met their needs.
“We identified the need to add the additional layer of cybersecurity protection N-Sentinel provides to both our power and water communication infrastructures,” said Karen St.Clair, IT Manager, CPWS. "We've completed the first step in adding this fortification on the electricity side and plan to deploy it on the water side as well."
There were two challenges that CPWS sought to address on their power communications network. The first was identification of compromised end points connected to the network. Their security consultant had conducted annual penetration tests of networked endpoints. The results of these test offered CWPS insight into vulnerabilities at a single point in time. The utility reviewed and addressed the identified vulnerabilities, however, they had no way to verify their actions truly addressed the vulnerabilities until the next penetration test a year later. In addition to verifying their protective actions, CPWS was concerned what might be happening the other 364 days of the year. N-Sentinel Vulnerability Assessment has been installed on five of the utility’s network segments enabling them to run vulnerability scans on demand providing timely access to the associated report.
“It is a huge benefit for us to be able to run a vulnerability assessment frequently,” said St.Clair. “I now feel more confident in our ability to quickly identify endpoint vulnerabilities and shut them down before they become a serious issue.”
The second challenge that CPWS wanted to address was a way to reinforce and verify how well their firewalls protected them. To meet this need, N-Sentinel Monitoring was installed on five of CPWS’ network segments adjacent to a firewall, to monitor network traffic on a continuous basis and alert on anomalous behaviors. Almost immediately, N-Sentinel Monitoring identified two servers that were frequently being targeted by cyber attacks. By reviewing N-Sentinel Monitoring’s prioritized list of threats and protective actions to be taken, the CPWS IT team has been able to take timely action to reduce risk.
“N-Sentinel Monitoring has opened our eyes and given us new visibility to see what’s really going on in our networks and who’s knocking on the door,” said St.Clair. “While it can sometimes be scary, it gives me comfort that I can now see the issues and have timely expert guidance on remediation.”
“Cyber threats are one of the key challenges facing power companies of every size today, from generation to the point of delivery,” said Tom Ayers, president and CEO, N-Dimension. “The potential damages a cyber threat or exploited vulnerability could cause are wide ranging and potentially devastating for people, as well as financially damaging and even life threatening. N-Sentinel managed security services are tuned to improving utility cybersecurity defenses leveraging our homegrown technology and in-house security experts.”