2019 CSO50 Awards

City of Raleigh implements ICS monitoring tool for water treatment plants

Securing critical infrastructure and industrial control systems is hard, and the City of Raleigh is working to up its game.

Asking small municipalities to defend themselves against nation-state adversaries is a tall order, but it all begins with the basics of cybersecurity — the "blocking and tackling" — Steve Worley, SCADA security manager for Raleigh, NC, tells CSO. That means network monitoring. Knowing what's happening on your network is critical to responding to any undesired activity. However, operational technology (OT) network monitoring tools lag far behind traditional IT solutions, which aren't a good fit for industrial control systems.

In addition to network monitoring, Worley wanted the ability to actively query programmable logic controllers (PLCs) at water treatment plants to discover any changes in programming logic — by an employee, a systems integrator, or a malicious third party.

steveworley City of Raleigh

Steve Worley, City of Raleigh SCADA security manager 

Rather than develop a solution in-house, he chose to deploy the Indegy network monitoring tool. "We were looking to have more robust network monitoring for our network that spans across a large area of the county," he tells CSO.

Worley considered developing a solution in-house using open source tools, but concluded that would be too time-consuming. The city published an RFP and considered their options. "We looked at all the major vendors in the realm of network monitoring of SCADA/ICS networks," he tells CSO by email. "Indegy’s active monitoring of the PLCs and network was a major part of the decision to go with them." 

To continue reading this article register now

FREE Download: Get the Spring 2019 digital issue of CSO magazine today!