I read the below article while enjoying a cup of morning Joe, remembering a conversation I had just a week ago. So, I thought, before the house gets crazy with kids getting ready for school, I could pass along my thoughts on energy infrastructure and SCADA.

For many years, I’ve watched private companies spend huge dollars buying the latest and greatest network monitoring and endpoint security gizmos. Sure, these are an important PART of any organization’s Insider Threat Mitigation Strategy, but the best Insider Threat Programs concentrate on the people issue, vice online activity.


When it comes to our Energy Infrastructure, we must place a priority on the people who have their fingers on the switch, literally. I spoke with an engineer who recently retired after 31 years working at a Mid-Atlantic nuclear power plant, and they said they felt the cyber efforts in place were not the best way to defend against an Insider determined to cause harm or a catastrophic disruption in service.

The engineer stated that the amount of cyber training discussing things such as “where not to go on work computers” and “we’re monitoring you” was wasted effort if they were actually trying to protect the mission of the facility. They felt it was important for office staff and management, but line and operations employees would be better served with training on “See Something, Say Something” and an overview of suspicious behaviors.

They mentioned that line and ops employees are often social outside of work and would be able to help security leadership with preventing events if they were better trained.

The engineer also discussed the need for better background checks during the hiring process. Employees at nuclear plants are investigated by the Federal Government, but as we’ve seen with recent NSA and other intelligence agency Insiders, the Government checks are not able to stop employees hell-bent on stealing or damaging our national security.

Insider Threat is a “human issue”, so we must address it at the human level. Network monitoring is an important part, but the humans are the actual threat.

