Iberdrola awarded a 2012 European SCADA Security Innovation Award
WASHINGTON, Jan. 16, 2013
WASHINGTON, Jan. 16, 2013 /PRNewswire-USNewswire/ --The SANS Institute today
announced that the Iberdrola has won a 2012 European SCADA Security Innovation
Award for leading the implementation of traditional and also cutting-edge
security projects in the SCADA world; when very few organizations in this
sector were even paying attention to security.
Iberdrola is the largest energy company in Spain and operates multiple types
of energy production plants (gas, coal, water, eolic, nuclear) in multiple
countries in the European Union and Latin America.
The history of Iberdrola is one of innovation. In early 2000 Iberdrola
decided to create the CMDS, a 24x7 Monitoring Center for the operations of
their Critical Infrastructure. Inside the scope of the CMDS, and with a
codename of AURA, a long-term security program for the in-depth security of
their SCADA networks was put in motion.
Starting by a highly tight perimeter in its early stages (AURA.PERIN), through
an extensive IDS deployment (AURA.DETIN), Iberdrola jumped into much more
aggressive security set projects such as AURA.BACON for the automated change
of privileged passwords, together with the restriction, monitoring and control
of all external access to the SCADA networks via a clever and innovative use
of the most advanced privileged access management technology available.
Other projects followed such as AURA.CIMAS, for the automated monitoring and
configuration management of the security infrastructure, AURA.CENLOG, an
advanced SIEM system with automated investigation and response capabilities,
or AURA.INFOR for the ability to perform Enterprise Forensics, Incident
Response and Malware Analysis in the SCADA networks. AURA.SECDIS launched in
2011 had a double objective: on the one side segmenting SCADA hosts via the
implementation of sandboxing and whitelisting technology in the SCADA systems
and on the other the restriction of distribution of files to the SCADA
networks by blocking USB devices and making all file transfers go through a
central distribution point with malware detection capabilities.
In 2011, Iberdrola started two of the latest and most innovative projects to
date: AURA.MARS and AURA.CONSEG.
The objective of the AURA.MARS project was to create a highly flexible
Cybersecurity network with a central highly segmenting network (with 5
security zones), where all central security devices together with the brains
of the system sit at the CMDS, and a modular highly segmented virtual
environment sitting in each of the plants. This server provides the capability
to run multiple virtual machines and therefore provide multiple local security
capabilities such as monitoring, scanning, forensics, etc. This avoids the
need to open the SCADA networks to remote systems, but at the same time
ensures that it is highly integrated with the central MARS command and control
AURA.CONSEG is the latest project in the AURA program and its objective is
integrating with AURA.MARS to be able to capture the most meaningful security
events and present them to the plant operators in an easy to visualize and
easy to understand way. No one knows the plant better than the plant
operators, and being able to translate security events to threats they can map
to their operations so they can detect and react to subtle threats is a
This program also aligns very well with the Top 20 Critical Controls even
though the AURA program started years before the Top 20 Critical existed. The
publishing of the Top 20 Critical Controls has provided great feedback to the
AURA program and it is now seeding ideas for new innovative projects which
will most certainly be seeing the light in the next few years.
About the European SCADA Security Innovation Awards
The European SCADA Security Innovation Awards recognize the most innovative
SCADA projects being done in Europe and the leading innovators in the field.
Areas of recognition include:
oManagement support in the development of an industry leading security
oInnovative ICS security implementations
oCommunity-enhancing research and testing
About SANS Institute
The SANS Institute was established in 1989 as a cooperative research and
education organization. SANS is the most trusted, and by far the largest,
source for world-class information security training and security
certification in the world. GIAC, an affiliate of the SANS Institute, is a
certification body featuring over 20 hands-on, technical certifications in
information security. SANS offers a myriad of free resources to the InfoSec
community including consensus projects, research reports, and newsletters; and
it operates the Internet's early warning system - the Internet Storm Center.
At the heart of SANS are the many security practitioners in varied global
organizations from corporations to universities working together to help the
entire information security community. (www.sans.org)
SOURCE SANS Institute
Contact: Michael Assante, President & CEO, National Board of Information
Security Examiners, SCADA Summit Chair, SANS Institute, firstname.lastname@example.org,
Press spacebar to pause and continue. Press esc to stop.