Heartland launching cybersecurity initiative

July 31, 2015

Heartland is launching a new program to help customers protect valuable data.

Buzz Hillestad, principal consultant and managing partner at Helix Security, presented on the importance of being proactive with cybersecurity at Heartland’s Summer Conference in July.

“There are different motivations behind cyber-attacks,” said Hillestad. “Ultimately, your information is worth money in the underground marketplace. There are people who earn a living through fraud – selling information they’ve hacked.”

Heartland has partnered with Helix Security to help customers protect against cyber threats. Helix provides cybersecurity services in five phases, starting with the fundamentals and building towards a fully functioning security management package. The implementation time frame can range from 18 months to five years, depending on the speed or focus each utility desires.

Heartland will provide a fifty percent cost share, up to $5,000 per utility, for implementing Phase 1 through Helix Security. A cost share will also be provided for subsequent phases of the program.

Heartland CEO Russell Olson believes this service is going to be essential to customers in the coming years. “Cybersecurity is an increasingly popular topic in the public power world. Threats against valuable information continue to escalate and it is imperative to protect both the utility’s and your customer’s data.”

Pricing for the first phase starts as low as $1.67 per meter, depending on the size of your utility. Phase 1 involves understanding your environment. First, all of a utility’s assets are identified both internally on networks and externally on the internet. All vulnerabilities are then discovered and defined.

“Vulnerabilities are assessed with the idea that we are an attacker that has just gained access to your network,” said Hillestad. “We find those vulnerabilities and determine what evil could be done through them.”

Phase 1 also includes assessing and measuring risk and basic risk management practices for cybersecurity. Helix will show the utility how to set risk management goals and how to achieve those goals over time.

Each subsequent phase dives deeper into securing infrastructure, including vulnerability management and penetration testing, leading to a fully layered security approach. The focus will be on quantitative measurement of security practices and continuous process improvement.

The fifth and final phase includes all of Helix’s security services and full access to a consultant specifically assigned to help with your security management and challenges. Services include quarterly vulnerability assessments, annual penetration tests, annual IT audits and more.

“Getting started on this program is very affordable, and even more so with the assistance Heartland will provide,” added Olson. “Helix has a strong reputation and right now, I think this is one of the most important services we’re providing.”

For more information on getting started, contact Ann Hyland at (605)256-6536