The Birth of a TITAN

Most rural electric cooperatives don’t have a huge IT staff to take care of cybersecurity and monitor operational technology simultaneously. Some co-ops don’t have any IT people at all. Still, you can’t ignore security when you’re part of the country’s crucial national infrastructure. At the same time, when your members rely on you to keep the lights on, neglecting your systems to check on cyberthreats isn’t an option, either. Having spent years at a rural cooperative and know firsthand how difficult managing IT and OT simultaneously is in an environment with an ever-changing threat landscape. That’s why myself and Casey Davis created TITAN, a purpose-built cybersecurity platform for electric cooperatives.

An Impossible Situation

Casey and I knew cookie-cutter cybersecurity wasn’t going to cut it for electric co-ops. For the past two years, we cobbled together eight components that would eventually become TITAN. Many of our ideas came from when we worked together at Oklahoma Electric Cooperative. We were both frustrated with the inefficient way we had to handle both cybersecurity and operational technology.

We were just two of the few IT guys so we had to wear a lot of hats. Security wasn’t my full-time job; it wasn’t anyone’s full-time job. We spent a good amount of time every day just logging into the different security apps we had — getting to that one dashboard that I could find — just to get one little piece of information I cared about. Then I’d pull it out, keep that information in my mind, and move on to the next application. Some days, I wouldn’t do any of that, because who wants to spend an hour logging into all these different systems just to find out everything’s fine?

We knew this was a problem.

Casey and I are both passionate about improving security. We did what we could at a local and regional level. I worked with the National Information Solutions Cooperative (NISC) and was elected vice-chair of the national technology committee in 2018. Casey helped found the Oklahoma Association of Electric Cooperatives (OAEC) IT committee and worked to put together the first OAEC IT conference. Casey also worked with the National Rural Electric Cooperative Association and was on their cybersecurity advisory group.

As we built on our experience, we started to develop a list of what would make for good protection that most electric co-ops lack. We made these recommendations through the organizations we were in, but these are largely regulatory and recommendation building organizations. Although they provide good policy, ideas and frameworks do not have the power to actually make a change across the cooperative landscape.

Solving a Problem

I’ve known Casey since fifth grade from riding on the school bus together. We were college roommates and the best man at each other’s weddings. We’ve always been interested in cybersecurity and challenged each other to improve. When we were young, Casey once tricked me into installing a remote access trojan that made my CD drive pop in and out for hours. I got him back by changing his boot.ini file into a quiz where if he got the wrong answer his computer wouldn’t boot.

Casey joined me at Oklahoma Electric Cooperative where we worked together for a few years before joining SkyHelm. To be able to work on something that can change the world with your childhood best friend is nothing short of spectacular. I know this product wouldn’t exist if it wasn’t for our lifelong friendship.

We started to put together a rough outline of what a security product might look like. We needed something that had everything a co-op needs and could be implemented into any existing electric co-op. I remember sketching on the back of a piece of paper what we thought the dashboard might look like. Casey took that input and completely reimagined it into what it is today. He took the dashboard from bland and static to something colorful and interactive.

It was a good idea, but while we were working for the co-op, that’s all it would be. But then Jeremy Dreyer, SkyHelm’s co-founder and CTO, offered us the opportunity to make this dream a reality. So we stepped out, created TITAN, and now we’re executing our dream.

Checking all the Boxes

Every electric cooperative is concerned about reliability, security, and affordability. We check all those boxes. A lot of co-ops have an IT guy who’s wearing several hats. Cybersecurity isn’t his full-time job, and he’s not able to keep up with the latest and most challenging aspects of protecting their cooperative. TITAN offers a solution that allows your electric cooperative to stay up-to-date and take care of both the IT and the OT side.

One way TITAN does this through a comprehensive dashboard that lets IT employees see exactly what is going on with all their systems at a glance. It’s purely informational since we already have a SOC team that’s looking at all that information and is going to act and react to whatever’s happening there, but it saves the IT team or co-op employee that handles cybersecurity a lot of time since they don’t have to manually check different applications to get a feel for the current security situation.

TITAN also provides 24/7 monitoring. But we’re not just monitoring your security, we’re also monitoring your servers. If a server goes down in the middle of the night, we’re going to make sure the appropriate people know about it. We can even take care of it for you as an add-on service.

Our vulnerability tool is always scanning. It can take a day or so to do a scan of a single network. As soon as it’s done, it starts right back up again. These scans generate reports. We’ll start with all sorts of reports, and then we tailor them down to what each individual wants to see.

Our next-generation firewall (NGFW) inspects network traffic for incoming cyberattacks, but TITAN also has a network monitoring utility that lets us see real-time networking events. We can see device bandwidth usage, network health alerting, port utilization, anything at the hardware level, down to the port, including network equipment performance and even temperature information.

Adapting to Changing Needs

In a world still grappling with a global pandemic, the ability to work remotely has gone from a luxury to a necessity. TITAN’s remote monitoring capabilities ensure electric cooperative employees can keep their IT running smoothly even during these unprecedented times. With TITAN, IT teams can ensure monitors, servers, laptops, desktops, printers, etc. are performing their best. It can see CPU utilization, RAM usage, what applications are installed on the computer, and what version they’re running.

The ability to conduct updates and install the latest patches helps harden the overall security and reliability of an electric co-op’s systems.

Hardening SCADA Security

Electric cooperatives are adapting to evolving needs and getting into networked SCADA and OT systems for the first time. Demands on the grid are also evolving.

A big driver of this has been the adoption of advanced metering infrastructure, including digital meters. Electric cooperatives now have much more data to manage and protect.

What the grid needs to handle has changed, too. Electric cars and oil pumps are just a couple of the giant machines that require a more connected SCADA environment. As a result, electric co-ops now need to connect switches, reclosers, and voltage regulators to their networks to ensure reliability.

All of these changes require added security measures. They may have a firewall between their OT and IT networks, but often there’s no segmentation or firewall. These networks were created based on what they needed at the moment.

TITAN hardens SCADA security through in-depth monitoring. We can see firmware versions, different devices, and their real-time status. We see the traffic going back and forth. If something unusual happens, our SOC team is notified.

We also collect information about events from all these different devices. TITAN enables orchestration between those devices. So if TITAN sees discordant or unusual events taking place across multiple devices, it raises an alarm. If it sees something that it can act on, it automatically does that by orchestrating with the firewall.

Those actions help secure the country’s critical infrastructure because if something is blocked at one cooperative, it gets blocked at all the other cooperatives.

Cyber attacks are constantly changing and evolving. That’s why we made the TITAN platform modular. When there’s a change in cybersecurity threats or the cybersecurity landscape, we can easily drop in a new component that helps protect from whatever the new threat is.

A Solution for Every Co-Op

We work with some electric co-ops that don’t have any IT staff. Others have a few people. Some co-ops already have measures in place; others may not be taking full advantage of their existing resources. That’s why there is no one-size-fits-all cybersecurity product that protects both IT & OT environments for rural electric cooperatives.

The TITAN platform has a dashboard designed to give you actionable security and network analytics with an intuitive interface. With a quick glance, one can understand their security and reliability posture, network performance, system vulnerabilities, and performance. Additionally, our 24/7 SOC team has your back and will call/text/email with anything that requires your attention.

Ultimately, we make sure that we’re providing cybersecurity and helping ensure reliability.

Just the Beginning

Seeing TITAN deployed in Oklahoma and central Texas has been exciting. To go from ideas and conversations with my peers to a product that actually fulfills those dreams is incredible.

But it doesn’t mean we’re done.

TITAN is something we will always be improving. In an ever-changing world, we strive to make sure that we’re doing more and being better all the time.

To protect your electric cooperative and learn more about how to keep operations running smoothly, contact us.