Critical Infrastructure Providers Strengthen Cybersecurity by Implementing Standards-Based PKI
GlobalSign White Paper Details How the Energy Sector Is Securing Networks Based on Standards Developed by the North American Energy Standards Board (NAESB)
・Boston, MA – September XX, 2013 – GlobalSign (www.globalsign.com),the enterprise SaaS Certificate Authority (CA), today announced the release of a new white paper, "How PKI Secures Critical Infrastructure Networks Against Advanced Attacks." Authored by Lila Kee, GlobalSign chief product officer and North American Energy Standards Board (NAESB) board member, the paper explains how Independent Systems Operators (ISOs), which coordinate, control and monitor electrical power system operations from state to state, are using Public Key Infrastructure (PKI) standards developed by NAESB to strengthen security for their cyber-based business processes and transactions. Recent headlines and mounting evidence suggest that cyberattacks on Critical Infrastructure (CI) systems are increasing as cybercriminals have identified electric utility grids as prime targets for disruption activities. As a result, CI cybersecurity has become a prime concern for governments and citizens alike. The paper focuses on the history of the electric industry, how cybersecurity standards have emerged, what those standards are and how they can be used by other CI sectors to strengthen security and reduce the risk of harmful cyberattacks.
“PKI is a robust technology that provides a secure, scalable and cost-effective method to securely authenticate digital identities on large and complex networks such as those that manage business processes for the wholesale electric market. However, due to the many implementation details involved, if the technology is not executed correctly it can also produce a vulnerable system,” said Kee. “NAESB members have worked together to produce a standard for the Wholesale Energy Sector that is based on best practices, proven management techniques and advanced digital certificate technologies. “
In the wake of increasing attacks, U.S. CIs are stepping up efforts to amplify their cybersecurity and strengthen their defenses. In fact, the white paper notes that in President Obama’s recent Executive Order, the National Institute of Standards and Technology (NIST) was directed to lead the effort to develop a cybersecurity framework that would consist of adopting industry best-practices wherever possible. “As part of NIST’s draft cybersecurity framework of best practices, guidelines and standards, the NAESB standard on PKI stands a good chance of being applied to other CI sectors.” says Lila Kee
All CIs are managed, controlled and accessible via Internet-connected systems, making them vulnerable to cyberattacks. This white paper details how ISOs in the energy sector have recognized the value of cybersecurity frameworks, have adopted standards developed by NAESB and have demonstrated that standards can be developed using shared expertise from both the public and private sectors – setting a framework for all CI sectors.
“It has become increasingly clear that cybercriminals are targeting the critical infrastructure in an attempt to disrupt our way of life. For this reason, NAESB made it a priority to establish PKI standards in order to fortify our cybersecurity framework,” said Rae McQuade, President of NAESB. “In establishing these standards we hope to provide a strong cybersecurity strategy so that we may best protect the business practices related to the electricity market that are a critical part of the everyday lives of our citizens.”
GlobalSign has been a trust service provider since 1996. Its focus has been, and always will be, on providing convenient and highly productive PKI solutions for organizations of all sizes. Its core Digital Certificate solutions allow its thousands of authenticated customers to conduct SSL secured transactions, data transfer, distribution of tamper-proof code, and protection of online identities for secure email and access control. Vision and commitment to innovation led to GlobalSign being recognized by Frost & Sullivan for the 2011 Product Line Strategy Award. The company has local offices in the US, Europe and throughout Asia. For the latest news on GlobalSign visit www.globalsign.com or follow GlobalSign on Twitter (@globalsign).
GMO Internet Group is a comprehensive provider of industry-leading Internet solutions including domain name registration, cloud-based and traditional hosting, ecommerce, security, and payment processing services that each hold the top share of their respective markets in Japan. Other key business areas for the Group include online securities/FX trading, Internet advertising, search engine marketing and online research and smartphone game development and publishing. GMO Internet, Inc. (TSE: 9449) is headquartered in Tokyo, Japan. For more information please visit http://www.gmo.jp/en