Image courtesy: EEHStoday
According to Shanna Ramirez, hacking at CPS Energy is almost like battle plan that’s carried out on a daily basis. Ramirez works for the city-owned electricity corporation as vice president and chief integrated security officer.
She said that,”We can’t really be successfully operating unless we’re securely operating.”
CPS Energy, employs a variety of overlapping security procedures to make sure that the attackers do not compromise the entire system.
For a power provider that serves 884,811 electricity consumers and 366,709 natural gas customers, there’s a lot on the line. Their anti-hacking measures predate the recent energy ransomware attack on Colonial Pipeline, which impacted millions of people.
“You will see that ransomware is one of the most commonly used weapons by cybercriminals, hacktivists, by nation threat actors,” she says.
Outsiders attempted but failed to infiltrate the power company’s system, according to Ramirez. San Antonio, she added, was unaffected. CPS Energy refused to say whether it had been a victim of energy ransom.
“What we never talk about are specific incidents publicly,” Ramirez explained. “We don’t want to encourage bad actors.”
The San Antonio Water System would not talk about any efforts it takes to fend off hackers. They said their best security tactic is keeping their security tactics under a tight lid.
Ramirez said CPS Energy’s approach is ever-evolving. In place, she said, is an eye on system architecture to segregate or isolate hacking impact.
There are “robust security tools,” many of which the company is unable to identify for security reasons. Others can be more specific and come with human capital.
In addition, the company boasts a threat intelligence awareness group, incident response, and business continuity groups, and it remains vigilant about energy supply chain security.
“We areva constant target,” she said. “Disrupting iur energy supply and our fuel supply — it’s a real easy way to disrupt our entire society.”
CPS Energy turned down a request for a financial breakdown of the layered safeguarding.