The nation’s major hydroelectric dams not only make up some of the largest power generation facilities in the country—they’re also responsible for controlling the flow of rivers and curtailing flood and drought risks. Like most critical infrastructure and industrial facilities, these dams rely on a complex web of interconnected sensors, systems, and machines to keep them running. If these systems were taken down, whether by accident or by deliberate means such as a cyber attack, the results could be catastrophic. Imagine massive flooding, droughts, and power outages, millions of dollars in damage, and daily life in major cities grinding to a halt.
While the Federal Information Security Management Act (FISMA) requires all federal facilities to annually report on their efforts to continually monitor the security of their systems, critical infrastructure systems require a unique approach. When the agency that runs a hydroelectric dam that meets a significant portion of the electricity needs for an entire U.S. region needed a partner with the necessary expertise to assess the cybersecurity posture of its systems and help it meet its FISMA reporting requirements, ÓÐÁϺÐ×ÓAPP stepped up.