Trustpower, the New Zealand power, gas, broadband and phone company, has deployed Nozomi Networks' Guardian solution for asset discovery and improved operational visibility over the network.
Trustpower is one of the largest electricity generators and retailers in the country with more than 230,000 customers, 30 hydro power stations across 19 hydroelectric power schemes, and 700 staff countrywide.
The company had already invested in its security systems, focusing on areas such as prevention and firewalls, but this traditional approach offered little to no visibility into what was happening in the network, the company states.
Trustpower delivery manager - operational technology Marty Rickard says, “As we continued to expand, digitise and add to our operational environment, this lack of visibility presented a major challenge.
“We needed a new approach to cut through the noise, gain real insights into our network and ensure we were protected from cyberattacks.
Following a bidding process, the company chose Nozomi Networks Guardian, a monitoring solution that protects control networks from cyberattacks and operational disruptions by providing complete industrial control system (ICS) visibility and security in a single solution.
According to the company, Guardian was put to the test in a lab environment where it was able to capture live traffic and see virtually all devices in the network and how they communicated.
The system was tested with up to five times its node capacity and was able to deliver results, providing insights into Trustpower's network and a near-complete asset register, the company states.
Now deployed across Trustpower's operational network, Guardian provides asset discovery, inventory and operational visibility; automatic real-time notification of industrial events of interest, including alerts triggered by custom-designed rules and constraints; and traffic analysis for current and future investigations.
This announcement comes as cybersecurity awareness and governance becomes a higher priority in New Zealand, according to the company.
The Government's Communications Security Bureau (GCSB) recently launched a resource for company boards to help improve cybersecurity governance, following an assessment of cybersecurity resilience across 250 of New Zealand's nationally significant organisations.
Trustpower head of technology Matt van Deventer says, “Nozomi Networks has enabled us to meet New Zealand's Voluntary Cyber Security Standards for Industrial Control Systems (VCSS-OCS).
“Maintaining and exceeding these standards is a key priority for Trustpower and Nozomi Networks enables us to comfortably achieve that.
The Nozomi Networks solution also identified anomalies in Trustpower's third-party supplier network, a common threat point for large organisations.
Improving mutual security has made the whole supply chain more secure and this has helped improve third-party relationships, the company states.
Nozomi Networks cofounder and chief product officer Andrea Carcano says, “Cyber security, like cybercrime and the threat landscape, needs to continually evolve.
“New Zealand businesses need visibility into their networks and awareness of who has access, and to what extent, to ensure they are protected.
“Advanced OT-IoT visibility and security technology is essential to achieve this. Trustpower recognises that and has now created a better operating environment for its business, customers and third-party suppliers.