1 Lloyds, “Emerging Risk Report—2015,” May 2015, www.jbs.cam.ac.uk/fileadmin/user_upload/research/centres/risk/downloads/crs-lloyds-businessblackout-scenario.pdf.
2 Ernst & Young, “Plug in: EY’s latest insights for Power & Utilities,” March 2015, www.ey.com/Publication/vwLUAssets/EYs-latest-insights-for-powerutilities/$File/EYs-latest-insights-for-power-utilities.pdf.
3 Ponemon Institute research, sponsored by IBM, “2018 Cost of a Data Breach Study: Global Overview,” July 2018, https://databreachcalculator.mybluemix. net/assets/2018_Global_Cost_of_a_Data_Breach_Report.pdf.
For operators and owners of power generation systems, maintaining compliance and guarding against evolving cybersecurity threats represent critical, continuous imperatives. So it’s vital to quickly apply patches and fixes when vulnerabilities are identified. However, for resource-constrained operations teams, these patch validation, testing, and deployment efforts can present a number of challenges:
As part of the program, GE will test and validate antivirus (AV) and host intrusion detection (HID) signature updates as well as operating system (OS) patches. First, we’ll verify whether these new releases apply to your environment, and based on that, we’ll establish a list of candidates for testing. GE’s staff then test applicable updates in controlled, representative lab environments that offer safeguards against intrusion and tampering. Through this testing, we determine whether updates adversely affect the functional operation of the control system, related interfaces, or system communications. Based on our findings, we can exclude any updates that may introduce performance or availability issues. If a given patch is excluded, we provide documentation to support this exclusion.
Once patches have been tested and validated, we make them available to customers via a secure web portal. We provide cumulative updates so that your organization can stay completely up to date with the latest releases, even if an earlier update wasn’t applied. By delivering these complete, scripted packages, we make it easy for your team to incorporate updates into your transfer and change management processes.
The Patch Validation program is available as a stand-alone offering. Through the program, we deliver scripted files that automate the deployment of patches and antivirus updates. In addition, your organization can deploy these patches using Baseline Security Center. Baseline Security Center brings centralized management to the deployment process, reducing the need to run patch deployment tools locally on each system being patched. By harnessing these combined offerings, your team can enjoy even greater speed and efficiency gains.