Third-Party Threats to Utility Management

Matt Ohmes is the IT Manager for SouthEastern Illinois Electric Cooperative, Inc. (SEIEC), an electric utility cooperative serving 24,000 members. The biggest challenge facing his organization comes from its reliance on third-party connections.

Supply chain management becomes a genuine problem as businesses spread their connections over hundreds, or thousands of vendors. Over the last three years, SEIEC has contracted with more than 1,200 vendors. 

As a result, Ohmes is tasked with ensuring his organization is protected from a compromise in any one of those varied connections.

“Being able to monitor these vendors all the time is extremely important. If I’m going to let them in my network, I want to know ahead of time—and permanently—that I’m working with a vendor that has security at the forefront.”

“Even if I have a layered defense around my network, I still have partners with VPN connections making inroads to my network. And if they get compromised, then I’m just as susceptible as they are,” Ohmes said. “How can I validate those connections and be sure they aren’t compromised?” 

The common fallout from a cyber intrusion in many organizations is theft of intellectual property, or customers’ personally identifiable information being leaked online. But the rise of smart meters within the utility industry has created a new horizon of targets for threat actors — the potential for power to be disconnected remotely. 

“In a worst-case scenario, we’re thinking about AMI (advanced metering infrastructures) abuse, where somebody might be able to remotely detonate a meter, creating a mass power outage for our members,” said Ohmes. “I had never found a way to manage that, and I’ve found it now.” 

Ohmes is a new customer with Prevailion, a cybersecurity solution that provides organizations with Evidence of Compromise instead of merely indicators of compromise. Prevailion allows SEIEC to monitor its third-party vendors in a new way, arming it with information IT teams can use to evaluate their vendors, current or prospective, and ensure they meet their standards for security. 

Ohmes said Prevailion gives his organization an extra tool to help verify whether a vendor is serious about security before it awards costly projects. If a vendor is found to be compromised, Ohmes can take that information to his CEO and the board to evaluate that relationship. 

Prevailion empowers Ohmes and his organization to:

• Obtain verified evidence of compromise in their third-party vendors 
• Act on that evidence by limiting a vendor’s access to their network 
• Make informed business decisions about current and prospective vendors 

“Prevailion has given me some assurance. My vendors I have found in the platform were green and stable — that gave me a sigh of relief, because you never know what you’re going to find,” said Ohmes.