Finkel Review recommendation 2.10 is that we tackle the challenge head-on, as summarised in the AEMO 2018 Summary Report into the cyber security preparedness of the National and WA Wholesale Electricity Markets.
Sense of Security can apply its nearly two decades of experience in utilities security to working with you and your internal teams to implement the recommendations, tighten your defences, and secure your organisation against existing and emerging threats.
Increased use of technology for customers to access their accounts and make changes, as well as in the operation of the utility itself, have opened the door to significant cyber threats.
The preparedness of utilities to resist cyber threats varies across utilities, but the importance of being well defended does not.
Power and utilities are customer-centric industries, and protecting customer data is paramount.
As businesses work to improve the customer experience to meet customer expectations – including new ways for customers and the business to interact on digital channels – utilities must adapt their defences to meet customer expectations of security.
Sense of Security can work with you to identify and understand your vulnerabilities, implement correct policies and procedures, and strengthen your defences against cyber interference.
We are trusted providers of cyber resilience, information security and risk management services to power and utilities businesses around Australia. Our team has been working with utilities and other large organisations for nearly two decades, and can help you to be well-prepared to create the secure, reliable digital experience that customers demand. We can work with you on an ongoing or retainer basis.
Some of the services we offer include:
We can perform a gap analysis and work with you to bring your systems and abilities up to the standards required by the Australian Energy Sector Cyber Security Framework (AESCSF) – formerly known as the Cybersecurity Capability Maturity Model (C2M2).
C2M2 is a useful self-evaluation tool your business can use to assess the maturity of your security model as you make improvements. We can guide you through the model with an eye on
Our experience in SCADA security can help you to improve the security and security monitoring of remote and critical control systems, including all the latest changes including distributed SCADA networks.
We can provide advice on how to protect personal identifiable information (PII), which is highly sensitive in nature.
Sense of Security can advise you on how to create policies and procedures to meet your data breach notification requirements. In the rare event of a breach, Sense of Security can oversee your response, advise on any potential pitfalls and suggest improvements.
Our cyber health check is a valuable tool in assessing your organisation’s cyber risk, developing a cyber risk management policy, and building cyber resilience.
Our enterprise cyber security review (ECSR) will help you with your top-down security management.
This service helps you to methodically identify and minimise vulnerabilities in your networks, computer infrastructure and applications.
Our penetration testing services test the security of your information systems. We identify vulnerabilities and help you fortify your protection.
Red team exercises are the most rigorous test of your security systems. Sense of Security’s red team think like real attackers to find any weaknesses in your controls. We can also work with you on the defence side (blue team) and for the broadest coverage we provide red-blue blended testing and response services called purple teaming.
ISO 27001 compliance and certification helps secure your valuable data and grow your business.
Opportunity
Our client had a limited security capability, inadequate policies and procedures, and was not able to demonstrate compliance with any modern information security standard.
Achievements
Penetration testing: A guide to achieving better outcomes.Read more
Dynamic risk assessment – The business case. Read more
Supply Chain Risk – The case for supply chain risk assessmentss. Read more
Windows 10 – Saving your Windows 10 rollout from calamity. Read more
Parliament issues and implications – The latest news on government cyber-attacks within Australia. Read more