ACEP’s data team conducts cybersecurity assessments in Kotzebue
August 9, 2024
ACEP’s Data and Cyberinfrastructure Management team members conducted a cybersecurity assessment and training in Kotzebue in July.
ACEP summer intern Joy Lomelino, mentored by John Haverlack, conducted a cybersecurity gap assessment for Kotzebue Electric Association. A cybersecurity gap assessment is a tool to identify weaknesses and vulnerabilities within an organization’s cybersecurity infrastructure. Lomelino’s assessment consisted of a site tour and interviews with staff and third-party information technology contractors for KEA. With the information gathered during this gap assessment, KEA will be able to better understand risks associated with their utility’s computer systems and prioritize the next efforts needed to reduce their cyber risk exposure.
RJ Michael, another ACEP summer intern and Haverlack’s mentee, presented an introductory cybersecurity awareness training module for the entire KEA staff. The presentation was so well received that KEA general manager Tom Atkinson suggested they make this an annual training. During the training, staff learned about actions they can take to protect KEA from cyberattacks.
Haverlack and Solomon Himelbloom also wrapped up tasks from previous site visits. Himelbloom deployed a data diode in the ACEP KEA data acquisition system that DCM members Dayne Broderson, Will Fisher and Lisa Jacklin had previously installed. A data acquisition system includes measurement devices, sensors, a computer and data acquisition software. The system is used for acquiring, storing, visualizing and processing data. The ACEP KEA data acquisition system was installed to transmit data from Kotzebue to scientists at ACEP.
A data diode is a unidirectional network communication device that enables the safe, one-way transfer of data between segmented networks. It eliminates external points of entry to the sending system, making it impossible for an insecure or hostile network to pass along malware or accidentally make harmful changes. A data diode deployed by Himelbloom will restrict data flow to a single direction, further reducing cyber risks to KEA’s systems.
With this capability, ACEP is establishing a more secure alternative data pathway for ACEP to collect data from remote sites, while adding almost no additional risk to remote networks.
This DCM work is supported through the Alaska Regional Collaboration for Technology Innovation and Commercialization program, an Office of Naval Research initiative.