When it comes to cybersecurity, experts agree that every link is a potential weak link in the fight against hackers.
“Anyone who has access to your network, from the customer service reps to the line crews to the CEO, anyone can become an entry point for cyber criminals,” says Cynthia Hsu, cybersecurity program manager in NRECA’s Business & Technology Strategies unit. “The most effective defense is to regularly educate everyone at the co-op about the risks and what to look for and to design your internal systems so they are segmented and have multiple defenses in place.”
Building a culture of cybersecurity that minimizes the chance of weak links is the goal of RC3, a new NRECA program geared primarily toward small and medium-sized electric co-ops. Short for the Rural Cooperative Cybersecurity Capabilities Program, RC3 is developing training courses, tools, and resources co-ops need to thwart cyber attacks.
“Small- and mid-sized co-ops have unique vulnerabilities because they’re less likely to have the specialized IT resources needed to protect against cyber attacks,” says Hsu, who heads the RC3 program. “But larger co-ops will benefit from these tools and resources as well. The goal is to help all staff recognize their role in cyber resiliency and empower them to defend their co-op.”
NRECA began RC3 in July 2016 after receiving funding from the Department of Energy’s Office of Electricity Delivery and Energy Reliability. The program will offer five cybersecurity summits to be held throughout the U.S. in 2017; online education and training materials and vulnerability assessment tools; reduced-cost access to cybersecurity training programs; and increased opportunities for information sharing and to participate in RC3’s cybersecurity research efforts.