Cybersecurity is top of mind for all organizations. It’s the No. 1 business and tech priority, according to the 2021 State of the CIO.
Although no industry is immune, the public sector is among the top targets for cyber attacks. These institutions reported 6,843 security incidents in 2019—the second-highest among industries, according to the Verizon 2020 Data Breach Investigations Report. The only sector that incurred a greater volume was professional services.
“We’ve had to be very much on top of cybersecurity,” says Kristen Sanders, Chief Information Security Officer for the Albuquerque Bernalillo County Water Authority. “Water utilities may not be thought of as a huge target, but we are because of the critical infrastructure we manage.”
That fact was highlighted with the recent attack on the Water Division of Oldsmar, Fla. A hacker remotely accessed the plant’s systems and raised sodium hydroxide in the water supply to poisonous levels. An employee recognized the intrusion and was able to reverse the changes before any damage was done.
“Obviously, that incident was really scary,” Sanders says. “That’s why monitoring tools are critically important.”
Securing infrastructure and the workplace
The Water Authority is New Mexico’s largest water and wastewater utility, producing about 30 billion gallons of clean drinking water annually to the greater Albuquerque metropolitan area. Like all organizations, it not only faces cybersecurity challenges but also concerns for the safety and security of its employees.
The utility implemented smart metering technology several years ago. It has helped quickly alert customers if there’s any indication of a water leak.
“We live in a desert state, so conserving water is a priority,” Sanders says.
Now, the Water Authority is gaining new benefits from the smart meter technology. Sanders says the utility wanted to tie together its operational technology (OT) side with the security aspects of IT. That’s where Cisco Cyber Vision came into play.
The solution offers integration across cloud, industrial networks, and Internet of Things (IoT) devices. It provides real-time monitoring and comprehensive threat intelligence to ensure security and resiliency.
“Cyber Vision really helped us to gain visibility into the industrial network and processes so we could see baseline security behavior,” she says. “Once we established what was normal, then we could monitor and receive alerts if something unusual happened. We now have a level of transparency that gives us peace of mind.”
The Water Authority also uses Cyber Vision to detects old or end-of-life systems. Cyber Vision embeds visibility into an industrial network to see everything that connects to it, allowing them to identify every asset connected to the network on the OT side. Sanders says this capability helps them proactively fix issues and avoid network down-time as much as possible.
The utility is also working with Cisco’s Duo Security to better protect its critical applications. The solution allows secure access to applications by using multi-factor authentication with contextual policies that verify a user’s identity and device. This became even more important as the Water Authority’s employees suddenly moved to work-from-home during the pandemic.
“We rolled out Duo pre-pandemic for multi-factor authentication across the entire organization,” Sanders says. “Considering the impact of COVID-19, Duo has been instrumental in enabling secure remote work. It is extremely easy to use. Even employees with no technical experience have had no issues with it.”
Overall, Sanders has been more than pleased with her organization’s relationship with Cisco and its solutions.
“They really set you up for success and help you get the most functionality out of the solution as possible,” she says. “Everything is transparent and done right the first time. I’ve been extremely happy.”