National Cybersecurity Awareness Month: Secure Externally
In continuation of recognizing National Cybersecurity Awareness Month, Power TakeOff is sharing some of the security measures it takes, internally and externally, to protect our employees, customers and partners. See our previous blog post on internal security measures to learn more about our company training, testing and policies. At the same time, Power TakeOff’s external security measures focus on precautions to defend the company’s data and systems against external risks and threats. In many ways building a fortress and protection systems to safeguard all of Power TakeOff’s data and systems.
When asked about the company’s approach to external cybersecurity measures, Power TakeOff’s Chief Operations Officer, Kevin Martin stated, “Everything in the cybersecurity world is dynamic, and as a company, we need to be continually responsive; staying on our toes and constantly improving systems to stay ahead of the newest developments and potential threats.”
One of the ways Power TakeOff stays ahead of potential threats is by constantly reviewing and improving our external cybersecurity controls and systems. At least once a year, an annual risk analysis is performed as part of the company’s Risk Management & Risk Assessment Program. This detailed review assesses the potential risks and impacts of over 150 unique risks posed to the business and the appropriateness of the company’s existing controls in place to prevent such risks. Power TakeOff also takes many steps to automate its continuous screening, updating, and patching of potential threats. This includes systems such as: automatic anti-virus and anti-malware updates, automatic firewall patching, automatic, maintaining intrusion prevention systems (IPS) and intrusion detection systems (IDS), performing continuous network vulnerability scanning, and testing systems against known vulnerabilities.
Beyond the ongoing systems patrolling, updating, and testing Power TakeOff’s security measures, Power TakeOff ensures that all new equipment deployed is hardened in accordance with current industry best practices, such as NIST security configuration guidelines. Routine backups, redundancies, and automatic failovers are put in place to ensure continued confidentiality, integrity, and availability of Power TakeOff’s data and systems no matter the conditions.
Often one of the biggest security risks to a company is what it doesn’t know or isn’t aware of. That is why Power TakeOff has clear reporting and escalation mechanisms in place – going all the way to the chair of the board of directors. It also includes a 24/7 anonymous reporting and whistleblowing hotline so that if any employee or stakeholder at the company believes there is a security risk, there are clear paths to ensure the risk or concern is addressed. While security threats are ever changing, so is Power TakeOff’s response. We strive to be leaders in the utility industry in the integrity and rigor of cyber security controls to ensure the appropriate safeguarding of our company’s, employees, and clients all important data and systems.