LogRhythm for Energy/Utilities

Because of the critical nature of protecting the nation’s power grid and its associated infrastructure, IT Security professionals in the energy/utility industry face a unique set of challenges. Network security for regulatory compliance is heavily mandated and tightly regulated, with multiple industry-specific requirements (NERC CIP, NRC, NEI, etc.). But the non-standard nature of many systems, such as SCADA devices, makes data collection for comprehensive cyber security difficult. LogRhythm delivers advanced network security and automated compliance assurance to protect the energy/utility industry against cyber crime, APTs and costly data breaches.

Industry Challenges

  • Strict, service-specific guidelines

  • Non-standard, mission critical applications (SCADA, data historian, etc.)

  • Strict access control requirements

  • Extensive disaster recovery protocols

LogRhythm offers:

  • Comprehensive compliance packages for: 

    • NERC CIP 

    • NRC RG (Regulatory Guide) 5.71 

    • NEI 08-09 Rev 6 

  • Specific support for SCADA devices 

  • Secure, one-way communication for classified environments 

  • Out-of-the-box advanced correlation rules for protecting critical assets 

  • SmartResponse™ plug-ins for active cyber security and compliance enforcement 

Protecting Critical Infrastructure

LogRhythm allows organizations to detect and understand deviations from expected and authorized behavior – a critical component of securing the critical infrastructure. New viruses, malware, Trojans, zero-day exploits and attacks are developed every day to bypass existing antivirus solutions and are frequently disguised as hidden or important system objects or lurking in hidden folders. LogRhythm helps organizations defend against cyber threats by:

  • Eliminating information gaps 

  • Detecting and understanding behavioral deviations 

  • Independently monitoring 

    • Process activity 

    • Network connections 

    • User activity 

  • Performing File Integrity Monitoring 

  • Tracking and controlling the movement of data to removable media 

LogRhythm provides utilities/energy companies with the means to:

  • Logically identify and prioritize which SCADA assets are the likely targets of an attack 

  • Establish visibility on resources that may be exploited to attack SCADA and/or classified networks 

  • Profile expected behavior for SCADA devices and associated resources 

  • Establish a continuous monitoring program to identify anomalous behavioral patterns, defend against specific cyber threats, and protect critical assets. 

  • Meet industry-specific regulatory requirements such as NERC CIP, NRC RG 5.71, NEI 08-09 Rev 6, etc.

Customer Case Studies
S&P 500 Energy & Utilities Company Enhances Detection and Response Capabilities 
Large Energy & Utility Company Deploys Advanced Persistent Threat Monitoring 
Medium Energy & Utility Company Implements LogRhythm