The research from these energy and water executives on cybersecurity supports data on the increase of cyber attacks in the US growing from 80k per day in day in 2010, to 10M per day in 2014, to over 300M per day in 2016.
The top six issues for utilities organizations that AgilePQ solves are:
- Secure data from small sensors throughout the core ICS systems
- Secure and authenticate commands sent to SCADA or other ICS
- Maintain secure operations in the necessary real time environment (minimizing encryption delays)
- Secure customer data communications
- Assure encryption does not hinder recovery speed/resilience
- Minimize power draw on remote sensing devices
Secure data from small sensors throughout the core ICS systems
Secure and authenticate commands sent to SCADA or other ICS
Maintain secure operations in the necessary real time environment (minimizing encryption delays)
Identification of devices attached to SCADA systems and to the grid
Secure customer data communications
Minimize power draw on remote sensing devices
Justify costs to federal and state regulators
Assure encryption does not hinder recovery speed/resilience
With AgilePQ DEFEND, AgilePQ uniquely addresses 85% of the Vulnerability Risks identified in the Relative Frequency of NSTB Observed Vulnerability Analysis of Energy Delivery Control Systems by Idaho National Laboratory.
The remaining 15% of vulnerabilities involve human behavior.
AgilePQ DEFEND Application in SCADA Environments
- PLC: as bump-in-the-wire where PLC has no traditional compute stack
- RTU: as bump-in-the-wire or loaded directly on the processor
- Control center: loaded directly
Flexible key size
- Tailored to implementation environment
Also critical for SCADA environments is that AgilePQ DEFEND Bump-in-the-Wire auto-configures for secure communication. The element self-realizes both client and network sides, announces itself, and is ready for secure data transmission.
AgilePQ DEFEND provides high security with a flexible key size that can be tailored to any environment.
AgilePQ DEFEND can be set up for a small fixed-block message sizes (e.g. much less than typical 16 byte minimum blocks) or it can be setup for serial data streams, which is especially helpful where bandwidth is at a premium. AgilePQ DEFEND keys are self-generated at session initiation, used once, and discarded, making for an exceptionally secure system.