NCCoE Senior Engineer Harry Perper will speak on a panel as part of Utility Cyber Security Forum's Converging Identity and Access Management Across IT, OT and PACS: A Reference Design session at 11:00 am.

Many utilities run separate IdAM systems managed by various departments whose employees often lack time and methods to coordinate access to devices and facilities across IT and OT silos. According to NCCoE's electric utility stakeholders, this inefficiency can result in security risks for the organization. Additionally, IdAM platforms spread across separate silos in a utility can lead to an increased risk of attack and service disruption, an inability to identify potential sources of a problem or attack, and a lack of overall traceability and accountability regarding who has access to both critical and noncritical assets. In response to this concern, the NCCoE has developed a converged IdAM reference design and example solution, using commercially available technologies, that utilities can use to increase security and efficiency in managing access to their interconnected devices and facilities. 

Key Takeaways: 

  • Highlight the reference design's security controls mapping to guidance and best practices from NIST and other standards organizations, and to NERC CIP standards 
  • Outline how a converged IdAM system allows rapid provisioning and de-provisioning of access from a centralized platform, so utility personnel can spend more time on other critical tasks 
  • Demonstrate how this reference design can help improve a utility's security posture by tracking and auditing access requests and other IdAM activity across all networks 
  • Share some real-world results from converged IdAM platforms