1660601538061 Cybersecuritytodolist2

OGE cybersecurity checklist

July 15, 2019
Jason Nations of OGE Energy Corp. detailed his cybersecurity to-do list during his presentation at ARC Industry Forum 2019.

Each process application has its own unique characteristics, and so each has its own vulnerabilities and cybersecurity tasks to perform. Jason Nations, senior enterprise security manager at OGE Energy Corp., Oklahoma City, detailed his cybersecurity to-do list during his presentation at ARC Industry Forum 2019 earlier this year in Orlando. It's assignments include:

  • Inventory and understand your operating environment, assets and equipment, and find security gaps in them;
  • Segment the network with firewalls into sub-networks determined by role-based assets and applications;
  • Get all internal staff onboard, and find partners and vendors, so all can help define cybersecurity use cases;
  • Follow cybersecurity best practices from recognized organizations, such as NIST's Cybersecurity Framework and the U.S. Dept. of Energy's Cybersecurity Capability Maturity Model (C2M2);
  • Base all decisions on risk to answers questions like what are our critical processes?
  • Take care of low-hanging fruit, such as settling on DCS group policies, etc;
  • Plan and coordinate cybersecurity software and hardware deployments with field personnel;
  • Steadily develop a cybersecurity culture, in part by building relations between IT and OT operators in the field;
  • Prioritize threat intelligence feeds and limit cybersecurity windows for analysts, so they can focus their efforts and be more effective; and
  • Once basic cybersecurity policies, procedures and solutions like anomaly detection are established, begin to actively hunt for threats.  
About the author: Jim Montague

About the Author

Jim Montague | Executive Editor

Jim Montague is executive editor of Control. 

Sponsored Recommendations

Make Effortless HMI and PLC Modifications from Anywhere

The tiny EZminiWiFi is a godsend for the plant maintenance engineers who need to make a minor modification to the HMI program or, for that matter, the PLC program. It's very easy...

The Benefits of Using American-Made Automation Products

Discover the benefits of American-made automation products, including stable pricing, faster delivery, and innovative features tailored to real-world applications. With superior...

50 Years of Automation Innovation and What to Expect Next

Over the past 50 years, the automation technology landscape has changed dramatically, but many of the underlying industry needs remain unchanged. To learn more about what’s changed...

Manufacturing Marvels Highlights Why EZAutomation Is a Force to Be Reckoned With

Watch EZAutomation's recent feature on the popular FOX Network series "Manufacturing Marvels" and discover what makes them a force to be reckoned with in industrial automation...