SAFETY & SECURITY | CYBERSECURITY Protecting Gösgen


A cybersecurity solution helps protect Switzerland’s Gösgen nuclear power plant, while enabling the plant’s 550 employees to access the internet productively and safely, says Brett Raybould


Brett Raybould


EMEA Solutions Architect at Menlo Security


THE ENERGY SECTOR OFTEN TOPS the list of industries on the receiving end of cyberattacks. This year’s ransomware attack on Colonial Pipeline, the largest fuel pipeline in the US, has shown the industry’s vulnerability. For a nuclear power plant, there are no second chances when it comes to cybersecurity. One mistake or loss of concentration, one infected computer, and power can be shut down across an entire region, potentially putting lives at risk. Today, the risks have never been greater. It’s easier than ever for an attacker to send a phishing email, create a bogus web form or infect a website with malware. What’s the attraction for attackers? Power plants are


strategic infrastructure and are of huge economic value. Nation-state actors and hacktivists can cause significant disruption, or use techniques like ransomware to draw attention to their political agendas. The organisations, under huge pressure to maintain availability of services, often pay the ransom — although that does not guarantee that systems will be tuned back on, or that it will not happen again. Energy companies are often geographically diverse.


As a result of the global pandemic, a growing proportion of the workforce is now working remotely. Decentralised cybersecurity teams have to manage the increased ‘attack surface’ that has been created by these changes, and eliminate threats from the web and email.


They also often have complex interdependencies between physical and IT infrastructure. Security professionals are responsible for managing the risks posed by unique endpoints — including a complex assortment of operational technology (OT) — all of which can be vulnerable to attack. To defend against the increasing number of attacks,


organisations must mobilise their capability to prevent users, data and applications from providing an easy first point of entry for attackers. They are exploring strategic approaches, such as ‘zero trust’, and deploying solutions that create a so-called ‘air gap’ between users and the Internet, such as secure web gateways powered by isolation. Isolation ensures that no one can connect directly to an organisation’s devices as the first step of an attack, even if a user clicks on a malicious link or downloads a suspicious document. Gösgen nuclear power plant on the Aar River in


Switzerland understands the risks better than most and has worked closely with Menlo Security over the last few years to ensure employees can work safely and productively. Knowing that a security solution must balance risk with employee productivity, the cybersecurity team at Gösgen previously focused on maintaining reliable yet secure Internet access for users by creating a homegrown ‘isolation’ solution based on VMware ThinApp. This isolated


Above: The Gösgen 1020MWe pressurised water reactor started operating in 1979 34 | January 2022 | www.neimagazine.com


Page 1  |  Page 2  |  Page 3  |  Page 4  |  Page 5  |  Page 6  |  Page 7  |  Page 8  |  Page 9  |  Page 10  |  Page 11  |  Page 12  |  Page 13  |  Page 14  |  Page 15  |  Page 16  |  Page 17  |  Page 18  |  Page 19  |  Page 20  |  Page 21  |  Page 22  |  Page 23  |  Page 24  |  Page 25  |  Page 26  |  Page 27  |  Page 28  |  Page 29  |  Page 30  |  Page 31  |  Page 32  |  Page 33  |  Page 34  |  Page 35  |  Page 36  |  Page 37  |  Page 38  |  Page 39  |  Page 40  |  Page 41  |  Page 42  |  Page 43  |  Page 44  |  Page 45