A Cyber Smart Idea! The National Guard, Red-Teaming and Your Utility Company
We have written here before about the multiple benefits of "red-teaming," i.e. training your incident responders against a team of "friendly" but skilled cyber ninjas to probe networks, find vulnerabilities and "steal" information using the tools of a skilled adversary. Red-teaming has been around for years in various forms. It works. See Next Level Cybersecurity Incident Response Trends.
The annexed article shows the ingenuity and creativity of one Washington State utility, which teamed up with their local National Guard unit to red-team its computer network to see how and if it had any known vulnerabilities before the bad guys attack them first.
The result was good for all. As noted in the article, "The Guard unit was asked to conduct a Red Team assessment of the vulnerabilities of the SCPUD networks. The assessment indicated that the SCPUD had very good security of its operating network, at least from direct intrusion. However, the Guard was able to penetrate the utility by conducting a classic phishing attack on the e-mail system. Apparently, half the individuals targeted were fooled. Once into the e-mail system, the Guardsmen were able to eventually penetrate the entire network including into the utility’s SCADA systems." In sum, the utility was a winner anyway since it found that it was vulnerable and could adjust its defenses, and the National Guard team won since now it had familiarity with the computer network and could thus respond quicker in the event of an attack.
Should there be other occasions where a local National Guard unit, with appropriate cautions and training, can assist a local utility in understanding the nature and extent of its cybersecurity defenses? The answer obviously is "Yes, absolutely." We should be considering all options available to further the public/private partnership when it comes to cybersecurity. And especially when it comes to critical infrastructure. When it comes to cybersecurity, we are all in this together.
Looking for the next opportunity to put my expertise and experience to good use.
9ySounds like an obvious no brainer. A real win for everyone.
Cyber Risk Partnerships
9yRed teaming is the right way to identify gaps & roadmap improvements.