Customers complete Phase 1 of cybersecurity program
May 2, 2016Two Heartland customers will soon have a better picture of their cybersecurity position thanks to an assessment completed by Helix Security. Buzz Hillestad recently visited Madelia, MN and Volga, SD to perform the first phase of Heartland’s cybersecurity program.
“The initial onsite visit allows us to collect data and get a good picture of the utility’s internal network,” said Hillestad. “We also have a number of online meetings with them afterwards as we build a data flow diagram of their internal and external network assets.”
Helix uses a tool called Nessus to scan the utility’s network and identify any risks associated with it. Hackers are in a race with software companies to exploit software vulnerabilities before organizations identify and protect against them. This initial assessment includes routers, switches, servers and other network equipment operated by the utility staff.
Helix has developed an industry-leading reporting process that clearly identifies what organizations need to do to resolve vulnerabilities and correct network deficiencies. Helix also provides an easy to understand evaluation of the information assets of the utility and associated risks. This report helps the utility prioritize the areas on which they should be spending their information security dollars.
“Once we know where the risks lie and how much risk is present, we can create a plan to increase a utility’s cybersecurity posture,” said Hillestad. “It will prioritize which processes, policies, controls, etc. should be implemented, and in what order, leading the utility to a more secure environment in terms of cybersecurity.”
Both Madelia and Volga were satisfied with the services Helix provided and look forward to learning more.
“We were surprised at how quickly Helix was able to complete the onsite portion of the Phase 1 assessment,” said Volga Finance Officer Ashley Rentsch. “Buzz provided us some valuable feedback right away and we look forward to seeing the full report to determine where we can improve our security controls.”
Heartland partnered with Helix because utilities are reliant on technology to deliver the services they provide. Organizations need to ensure they have the appropriate security controls in place to adequately protect confidential information.
“We implemented this program because we don’t want our customers assuming they are not at risk or that they don’t have any information worth stealing,” said Heartland Communications Manager Ann Hyland. “Anyone who uses a computer is at risk. Hackers can access your system, corrupt your files and delete all your data. Helix provides an affordable and easy to follow process to mitigate that risk.”
Heartland will pay half the cost of each phase of the Helix program, up to $5,000 per phase, per customer. Utilities interested in getting started can contact Ann Hyland at Heartland or Helix directly at 605-270-3321 or via email.