This municipal utility is responsible for managing a US city’s water and wastewater utility (utility), delivering over one million gallons of water every day. Operating over a wide range of businesses, the utility employs over 3,000 employees. The utility has 150 full-time employees dedicated to centralized IT, which manages the IT and operational technology (OT) networks.
The Challenge
The utility IT team was looking for an easy-to-learn solution that would give them a big picture view of the utility infrastructure to help them map the network topology and gain an understanding of how assets were connecting to each other. The team wanted better visibility into the type, number, and locations of their IT and OT assets. They also sought a better way to classify them, troubleshoot issues, and improve the utility’s overall risk posture in the face of attacks targeting critical infrastructure.
As a public utility, the utility mission is to ensure business continuity in order to provide essential services to the city’s residents and businesses. Vulnerability management has been an increasing concern as the utility deploys more and more OT. Another requirement was that the solution needed to integrate seamlessly with the existing technology stack without requiring agents, which could disrupt the sensitive OT network.
Continue reading to learn how Armis Centrix™ gave the IT team the visibility it needed to operationalize its data and reduce risks in its environment.
Challenges
- Getting a big picture view of the utility’s network topology and asset inventory
- Implementing an holistic solution that would not disrupt sensitive OT
- Classifying assets by type, location, number, and other variables
- Improving vulnerability management to minimize risk and prevent potential attacks
Results
- Identified top 10 to 12 vulnerabilities each week for remediation
- Built more than 20 team-specific dashboards based on business needs
- Remediated bandwidth and connectivity issues
- Over 1 million gallons of water every day are now better protected from cyber attack disruption