December 06, 2024

Strengthen the Security of State and Local Utilities: the Purdue model approach

State and local utility companies need to improve their security to defend against the evolving threats of cyber-attacks.

State and local governments depend on utility companies running smoothly so that services to their citizens are not disrupted. It is critical for these services to stay protected against the constant threat of cyber-attacks. To combat these threats, many utility companies are turning to the Purdue Enterprise Reference Architecture (PERA), commonly referred to as the Purdue Model. The approach offers a layered strategy that analyzes weaknesses and helps protect your infrastructure.

The Purdue Model

The Purdue Model was created in the 1990s to help improve the security of industrial control systems (ICS) and operational technology (OT). It examines the infrastructure in more detail by dividing it into layers, which helps isolate critical systems and find the weaknesses at every layer.

Cybersecurity Challenges for Utilities

State and local utility companies are particularly vulnerable to cyber threats due to several factors:

  • Outdated Infrastructure: Because of budgetary limitations, state and local utility companies are working with outdated systems that were not designed to combat the evolving cybersecurity threats that now exist. This makes them easier targets for bad actors.
  • Systems are Interconnected: The integration of IT and OT systems creates more vulnerabilities. Because the systems are now connected, a compromise in one can affect the system as a whole.
  • Staffing Limitations: Because of tight budgets and outdated IT systems, many companies may lack the staff, or staff with the necessary expertise, to handle cyber threats.

Applying the Purdue Model

Utilities can use the Purdue Model to establish a comprehensive cybersecurity strategy that enhances their defenses.

Here are some practical steps utilities can take to apply the Purdue Model:

  1. Network Segmentation: Isolating control systems from the enterprise networks allows utilities to prevent unauthorized access. For example, if a bad actor gets access to the enterprise layer, the segmented control systems remain protected.
  2. Access Control: Implementing strict access control helps ensure that access to every layer is limited. Role-based access can help ensure that only authorized personnel reach each layer, which limits the chances of unauthorized access. Utilities should also modernize systems so that multi-factor authentication and TLS encryption can be applied to legacy applications and operating systems.
  3. Monitoring and Incident Response: By establishing a Security Operations Center (SOC), utilities can continuously monitor essential system activities. Continuous monitoring helps you quickly identify and respond to suspicious activity or breaches, mitigating the damage. Whether this is handled internally or by a specialist organization that understands OT-specific threat hunting, incident response (IR) and monitoring are an important part of a modernized cybersecurity operation.
  4. Regular Updates and Patching: Keeping your software up to date is crucial to protect against known weaknesses. Establishing a routine to update and patch systems across all layers can help keep your utility's systems safe. If systems can’t be patched, an inline network device can protect them through “network patching,” which filters out vulnerable commands and operations.
  5. Training and Awareness: Employees are the first line of defense against cyber threats. Training your staff to identify security threats can help strengthen your system and create a culture of cybersecurity awareness in your company.
  6. Collaboration and Information Sharing: Sharing information among utility companies can be incredibly helpful. They can exchange how they handle threats and which threats they have encountered. Having this information helps utilities better equip themselves and prevent security breaches.
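
For the network segmentation step above, here is an added example (not from the article or from CDW): a small Python audit that checks firewall "allow" rules against Purdue-style zones. The level numbers follow the commonly used Purdue numbering with a 3.5 IT/OT DMZ; the asset names, sample flows and the two policy rules are assumptions made for illustration.

```python
# Added example: audit allowed network flows against Purdue-style zone separation.
# Level numbers follow the commonly used Purdue numbering; 3.5 is the IT/OT DMZ
# that many deployments add. All asset names and flows below are constructed.
PURDUE_LEVEL = {
    "erp-server": 4.0,    # enterprise / business network
    "corp-laptop": 4.0,
    "patch-relay": 3.5,   # IT/OT DMZ
    "historian": 3.0,     # site operations
    "scada-hmi": 2.0,     # supervisory control
    "plc-pump-01": 1.0,   # basic control
}

# Constructed sample of firewall "allow" rules: (source, destination, port).
ALLOWED_FLOWS = [
    ("corp-laptop", "patch-relay", 443),
    ("patch-relay", "historian", 443),
    ("scada-hmi", "plc-pump-01", 502),
    ("erp-server", "historian", 1433),    # enterprise straight into OT
    ("corp-laptop", "plc-pump-01", 502),  # enterprise straight to a PLC
    ("historian", "unknown-host", 22),    # asset missing from the inventory
]

DMZ = 3.5


def audit_flow(src, dst, port):
    """Return a finding string for a flow that breaks segmentation, else None."""
    if src not in PURDUE_LEVEL or dst not in PURDUE_LEVEL:
        return f"{src}->{dst}:{port} unclassified asset, cannot verify zone"
    a, b = PURDUE_LEVEL[src], PURDUE_LEVEL[dst]
    # Assumed policy: IT (above the DMZ) and OT (below it) never talk directly.
    if (a > DMZ and b < DMZ) or (a < DMZ and b > DMZ):
        return f"{src}(L{a})->{dst}(L{b}):{port} crosses IT/OT boundary without DMZ"
    # Assumed policy: inside OT, a flow may span at most one level.
    if a < DMZ and b < DMZ and abs(a - b) > 1:
        return f"{src}(L{a})->{dst}(L{b}):{port} skips an OT level"
    return None


def audit(flows):
    """Audit every flow and return the list of findings."""
    return [f for f in (audit_flow(*flow) for flow in flows) if f]


if __name__ == "__main__":
    for finding in audit(ALLOWED_FLOWS):
        print("FINDING:", finding)
```

Flows that touch an asset missing from the inventory are reported rather than silently allowed, since an unclassified host cannot be placed in any layer.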

By adopting network segmentation, strict access controls, and continuous monitoring, utilities can better protect their critical infrastructure. As cyber threats evolve, adopting a proactive approach to cybersecurity is essential to ensure the safety and reliability of essential services.

CDW Government Can Help

Whether your organization is a public utility or provides essential services to your community, CDW Government understands how important it is for utilities to be able to provide services to their citizens with no disruptions. We have dedicated experts with years of expertise working with the Purdue Model and can help you find the best solution and/or services to help protect your utilities from cyber threats.


Eric Marchewitz

CDW Expert
Eric Marchewitz is a field solution architect with a 23-year career in cybersecurity solutions, working for such companies as PGP Security, McAfee, Cisco and Check Point. He is a recovering CISSP and cloud practitioner. Marchewitz helps architect solutions and bring in the proper resources and specialists to solve security challenges in all areas.