Critical Infrastructure Protection: Integrate Vulnerability Scanners, Threat Analysis Tools, and Network Management for Robust Cybersecurity

Companies like Parsons are at the forefront of innovation and strategic growth in the rapidly evolving landscape of critical infrastructure protection. Recently, Parsons unveiled Cyberzcape Tracker, an advanced AI and machine learning-powered cybersecurity solution aimed at safeguarding critical infrastructure networks. This move, coupled with the strategic acquisition of IPKeys Power Partners, underscores Parsons’ commitment to enhancing the resiliency and security of vital services against an array of cyber threats​​​​​.

The necessity of such advancements cannot be overstated, especially as digital threats become more sophisticated and pervasive, posing significant challenges to utilities and critical infrastructure providers. The integration of IPKeys’ software platforms and capabilities with Parsons’ solutions exemplifies a forward-thinking approach to addressing the multifaceted challenges of critical infrastructure protection, including the need for comprehensive cybersecurity measures and the effective management of limited resources among smaller utility providers.

On the show floor of DISTRIBUTECH 2024, MarketScale captured an insightful interview that sheds light on these challenges and the collaborative efforts to overcome them. John Daly, the Senior Growth Operations Manager at Parsons offers a unique perspective on the evolution of critical infrastructure protection, highlighting the importance of breaking away from outdated methods in favor of innovative and proactive solutions.

John’s Thoughts

“So Parsons has been in the critical infrastructure space for the last eighty years, doing everything from building out power plants, building roads, transit systems, and everything in between. And when they wanted to increase their footprint on the critical infrastructure side, they wanted to get into the software business. So they approached IP keys Power Partners about, well, how can we make the best thing to plus up the offerings Parsons currently have and it’s been a great marriage because our solutions are offered at over six hundred utilities around the country for cybersecurity and energy management platforms, and it just fit perfectly into the whole ecosystems that Parsons offers to be a total package.”

The Challenge of Adopting New Cybersecurity Practices in Critical Infrastructure

“The biggest challenge that people are gonna be facing is what’s the way that they were doing it in the past. That’s the hardest thing for people to break away from what they were doing in the past most likely was not enough or is something that was bad. So when you’ve got a new cybersecurity plan in place and you’re trying to train people on what the best practices are for the twenty-first century, or even as threats change every single day, it’s hard to break the cycle that people are used to. It’s hard to get people to take it seriously sometimes, especially if you’re being like, alright, take this once-a-year mandatory course, and some people are like, cool, I’ll just let me off your paper so I can just be done with this class, and that’s not acceptable, especially because threats are evolving every single day, especially on the utility side.

And so the hardest things that are really facing and the biggest challenge is facing a small and rural utility is going to be the number of people they have on their staff, limited resources, limited money to even get more resources. It’s tough. You’ve got one, two people, maybe three if you’re lucky for a lot of these utilities that are just not trained on top of what the up-to-date threats are, that’s facing their utility. What is something that they need to be aware of when it comes to patching all their systems so they’ve got as small and attack surface as possible, and they’re just you know, they’re overworked. They’re up to their necks or they’re underwater in general with all the stuff they have to do, not just staying on top to make sure their systems are safe, and they’re operational. They also get tapped with things like, oh, upgrade this person’s system, we need a password reset, we’ve got a bring into this other meeting and when you’ve only got one person working at the utility for that stuff, they’re just overworked and they’re gonna miss stuff. And that’s a problem, especially when you’re providing a critical service to your whole community.”

The Need for Comprehensive Cybersecurity Solutions

“You’re gonna want a solution like a vulnerability scanner. You’re gonna want a threat analysis tool. You’re gonna want a network manager in general that will tell you when you need to patch your systems, when you need to upgrade stuff, what vulnerabilities are out there in the marketplace that you need to be aware of, especially as threats are changing every single day. If you don’t know that somebody just hacked another utility going through their printer or something, you might think, ah, I don’t need to update the firmware on this printer, and now you’re in trouble. Now you’re susceptible to a ransomware attack, and that’s just bad for everybody.”

Article written by Sonia Gossai