RedSeal
Networks, the leader in network infrastructure security management,
today shared information regarding the highly successful relationship it
has developed with customer Pacific Gas and Electric (NYSE: PCG). Since
it began playing an integral role in the utility’s comprehensive risk
management strategy in 2012, RedSeal
Platform has delivered a way for PG&E’s security and network
operations teams to effectively understand and visualize all activity
across the highly complex network.
PG&E is an investor-owned utility with 5 million business and
residential accounts in Northern California. It provides electricity and
natural gas to approximately 16 million people, manages natural gas and
hydro power plants, and operates a nuclear power plant; its network is
the definition of “critical infrastructure.” Like any utility, PG&E had
a need to defend its infrastructure from cyber threats because the
effects of a cyber-attack on the company could have wide-reaching
effects, from a breach of customer information to loss of power.
Headquartered in San Francisco, PG&E has over 1,000 branches across
Northern California and its infrastructure is composed of tens of
thousands of devices, including 15 load balancers, hundreds of
firewalls, more than 1,000 routers and switches, and 50,000 hosts. Its
security team protects a complex system that supports 20,000 employees,
5,000 contractors and 5 million business and residential customer
accounts. To add to the complexity, the company maintains one network
for its business side and a completely separate network to manage
operations of the electric grid and power plants, as well as the data
generated by millions of smart meters. These networks need to be kept
completely separate for security reasons.
The company needed a solution that allowed its security team to
visualize both networks on an ongoing basis with limited connectivity
between them, monitor for suspicious activity, and quickly understand
and isolate risk.
“At PG&E, we are dealing with a very complex network that covers a
service territory of over 100,000 square miles,” said James Sample,
senior director and CISO, PG&E. “So for us to be able to protect our
network and perform computer network defense activities and monitor for
vulnerabilities, we needed a better way of understanding our network. In
addition, we need to provide that visibility to folks who didn’t design
or operate our network, but really need to understand our network
topography.”
After a side-by-side evaluation of offerings from several vendors, PG&E
selected RedSeal Platform and according to Sample, “RedSeal was our
choice hands down for a variety of reasons, including the fact that the
technology was far more mature and readily demonstrated that it could do
the things we needed the solution to do. Additionally, from day one, the
RedSeal Networks team was on the same page with us in terms of strategic
thinking about how to integrate this into a larger system.”
RedSeal Platform was selected for its powerful visualization
capabilities, flexibility and ease of integration with other tools in
use, including the network configuration management and vulnerability
management solutions that PG&E already had in place. When a security
event happens now, PG&E can understand where on the network it happened,
what assets are involved and correlate that with vulnerability data so
it knows what additional assets might be at risk.
Critical IT infrastructure in the U.S. and other nations continues to be
highly vulnerable to cyber-attacks because the networks are very large
and complex, change continuously and are structurally highly porous. In
addition, legacy systems such as SCADA systems that were developed
decades ago with no security considerations are still in operation. In
order to enhance security and protection of such systems, it is
necessary to continuously monitor security risk and take remedial
actions to minimize the risk on an ongoing basis. To that end, security
professionals must understand the state of their network and security
architecture, and continuously and automatically check for any changes
that impact infrastructure security.
“PG&E is playing a pioneering role in implementing innovative security
and risk technologies for Critical Infrastructure Protection of our
nation. Under the leadership of James Sample, the utility company is
implementing cutting-edge security technologies and we are proud to
serve as a critical component of this strategy,” said RedSeal Networks
CEO Parveen Jain.
“Our top-down approach to building superior network infrastructure
security management technology that addresses the most complex networks
such as PG&E’s is a key differentiator as to why our customers achieve
significant value when looking to conquer extremely daunting and
difficult challenges,” added Jain. “Once you can effectively address the
most complex infrastructures, you can clearly demonstrate to others how
they can manage their difficult environments. Rarely do you see
technologies succeed in achieving the customer’s desired results when it
is the other way around.”
Sample said, “RedSeal’s technology has continued to meet our admittedly
high expectations, and is playing an integral role as it feeds right
into our overall risk management framework to be able to help prioritize
and drive future security investment decisions.”
“We encourage RedSeal Networks to continue their forward-thinking ways
and to help their customers think through different use cases for their
solution,” concluded Sample. “Red Seal Platform’s value to an
organization is limitless based on how the end user opts to utilize it.”
About RedSeal Networks
RedSeal Networks is the leading provider of network infrastructure
security management solutions that continuously provide network
visualization and identify critical attack risk and noncompliance in
complex security infrastructure. It provides network, security, and risk
management teams with a firm understanding of where security is working,
where investment is needed, and where greatest cyber-attack risks lie.
This understanding, or "security intelligence", enables organizations to
allocate resources where needed most, embed best practice into daily
operations, and take prioritized action where needed. The world's
largest government and commercial organizations use RedSeal security
intelligence to build world-class operations that systematically reduce
attack risk over time.
For more information, visit RedSeal at www.redsealnetworks.com.
Copyright Business Wire 2014