Tips de Ciberseguridad en Subestaciones

Tips de Ciberseguridad en Subestaciones

Currently, electrical substations have varied technologies and Ethernet-based protocols that have inherited inherent vulnerabilities and industrial protocols were not designed with cybersecurity aspects in mind, but focused on giving maximum availability to systems.

Here are ten cybersecurity tips to keep your infrastructure safe

1. 

Define a security policy for the OT network, where actions such as: password management are taken into account, in order not to use the default passwords of the systems, or the handling of USB memories within the substation. 

2.

Maintain updated information on assets, cyber assets and cyber systems that have a substation level.

3.

Clearly define the boundaries of the operational network (OT) and the corporate network (IT) as well as the points of convergence of these two networks.

4.

Establish the electronic perimeter of security of the LAN OT network (through a stateful firewall) at the substation level, as well as the electronic access points as shown in the image.
Where possible, use access control through systems such as Axon Cybersec that allow control and traceability of personnel who access equipment within the substation and the changes made.

 

 

5.

Centrally maintained in systems such as Axon BMS (Axon Backup Management System) backups and control of changes in cyber-active configurations such as IEDs, Gateways, Switches.

6.

Develop a cyber asset recovery plan, incident management and response plans, in addition, execute the recovery plan through simulated incidents related to cyber attacks, errors, equipment damage. This allows you to feed back the process

7.

Do not neglect physical security and establish access and monitoring controls such as biometric controls and CCTV. Review the safety regulations of your country and complement international regulations.

8.

Permanently raise awareness and train your work team on cybersecurity issues in IT and OT, so that among other things, they are not victims of social engineering.

9.

Take cybersecurity as a constant and constantly changing cycle (go back to step 1 and re-evaluate).

Written by: ENG. Carlos Andrés Lucero Aguirre – Axon Group

Para poder descargar el contenido de forma gratuita debe iniciar sesión: