As we kick off cybersecurity awareness month it’s a good time to pause and remember that cybersecurity is more than just how we protect data. It’s an evolving process and key function for all businesses.
Cyberattacks are becoming more frequent, disruptive, destructive, and costly. More than 66 percent of small- and medium-sized businesses in the US experienced a cyberattack in the past five years. Globally, cybercrime costs businesses and consumers more than $6 trillion per year. For critical infrastructure like the power grid, cybersecurity has never been more important with threats to industrial and control systems rising.
We often think of cybersecurity in terms of passwords, encryptions, and firewalls. These are only part of a larger picture. The National Institute of Standards and Technology (NIST) lists a comprehensive cybersecurity framework with five key areas: Identify, Protect, Detect, Respond, and Recover. Understanding these areas helps us put cybersecurity into context and make better decisions.
Landis+Gyr takes a holistic approach to security and the NIST cybersecurity framework. We hire dedicated personnel, follow trends in cybersecurity and best practices, utilize industry-leading technologies, continually monitor our systems, and rehearse our response plans.
Our cybersecurity professionals have adapted new process and legal strategies dedicated to data and information security. In addition to personal data, all information being processed within the critical infrastructure receives dedicated attention and enhanced security protection.
Landis+Gyr‘s Global Cybersecurity Program, led by our chief security officer as a member of the executive management team, includes the Global Information Security Team, which is responsible for the overall security compliance program. Cybersecurity engineers working with our security operating center team are responsible for securing IT and OT environments are an integral part of maintaining the company’s security posture.
Here are several key security elements of Landis+Gyr security services:
Identity and Access Management
Landis+Gyr’s head-end system has a strong authentication and authorization system. It supports both a standalone authentication and authorization system and it also supports integration with Active Directory, which utilities have used to centralize management of users and their roles.
Threat and Vulnerability Management
Landis+Gyr establishes a secure software development life cycle (S-SDLC) integrating security in all parts of the development and release process.
Layered Security Approach
For our Managed Service and SaaS/Hosted customers, Landis+Gyr has implemented a layered security approach being used by all our data centers and NOC operation centers that process, store, or manage customer data.
Landis+Gyr also implements enhanced security in our hardware products for metering, energy management and distribution automation, supporting comprehensive network encryption and hardware solutions through the end-to-end security vision.
As the next generation of energy delivery evolves, cybersecurity processes are evolving with it to ensure protection of critical infrastructure, data, and customer trust.