IronNet Blog

Executive Commentary, Threat Research, and Analysis from the IronNet team.

Weathering the cyber storm with Collective Defense

The energy sector is facing increased threats to the national grid from state-sponsored organizations. In 2018, for example, the U.S. publicly accused Russia of conducting a coordinated campaign of cyber intrusions into the U.S. power grid. The concept of Collective Defense naturally appeals to many energy companies because they have already adopted a similar collaborative approach through “mutual aid,” in which energy companies collaborate to manage the aftermath of extreme weather events.

Perhaps even more threatening than extreme weather are the risks posed by network cyber attacks, which can disable entire power grids with one piece of malware. Energy companies have begun to look to Collective Defense as a way to extend that collaboration to network security and protect the grid at large from cyber attacks.

One such energy company, an urban-based provider that serves 11 million customers in a large metropolitan area of the U.S., adopted this Collective Defense approach for cybersecurity early on. This company cites cybersecurity as its top enterprise risk, because the location of its service area makes it a target for nation-states, hackers, and criminal organizations. 

Although the company has had a robust cybersecurity program for more than a decade — covering people, process and tools — what was missing was the ability to analyze activity across the network. The company called on IronNet because of the breadth of what it does, including its Network Detection and Response solution for applying machine learning to known threats and identifying where the company is at risk.

Working together across the energy sector

The company also found IronNet’s Collective Defense vision compelling. In fact, it looked to IronDefense and IronDome as an additional layer of security on top of its existing cybersecurity ecosystem, giving it greater peace of mind about its security protections.

Like most energy companies, this particular IronNet customer looks well beyond itself. Protecting the energy sector is a matter of national safety and service continuity. IronDome provides this energy customer with insight into what’s threatening the sector as a whole. This approach gives the company the ability to adopt proactive security measures before the threats reach its own network.

An extra SOC team on its side

In addition to Collective Defense, the customer gets significant value from the integration of IronNet’s hunt team with CSOC operations. This trusted relationship is built on dynamic threat sharing. Generally, the IronNet CyOC relays information on specific alerts in a chat channel, thereby launching a dialogue with the customer’s own SOC team. This increased level of visibility into threats helps the company be more proactive in its ongoing cyber defense.