Overview
Protect your critical electrical infrastructure with GE Cybersecurity Solutions
With the rapid digitalization of the grid, utility, power generation and industrial operators require cybersecurity solutions to monitor and protect grid asset and systems from increased severity and frequency of cyber attacks. GE adopted a “defense in depth” approach, providing innovative cybersecurity solutions designed to increase operational integrity, comply with regulations and control costs of security.
Rely on a robust cybersecurity partner
Long-standing experience in OT cybersecurity
GE started the development of a compliant eco-system since cybersecurity requirements were added to NERC CIP standard
Power grid and industrial control systems expertise
With over a century of OEM experience, GE installed 50,000+ substation automation systems and 3M+ protection and control relays globally
Comprehensive integration capabilities
GE's cybersecurity solutions facilitate the integration of GE and other OEM equipment using standard protocols including LDAP, RADIUS and SYSLOG
Involvement in international cyber organizations
GE's cybersecurity matter experts actively participate in CIGRE and IEC working groups developing today and future standards
Certified solutions and processes
GE's Grid Solutions protection, automation and control solutions are certified IEC62443-3-3 and the integration process is certified IEC62443-2-4
SECURED PRODUCTS AND SOLUTIONS
GE brings state of the art cybersecurity features to our protection and control relays, SCADA HMI, substation gateways and network devices. Our products are designed with a defense in depth approach, covering NIST's identification, detection, prevention, respond and recover functions, allowing our customers to comply to NERC CIP, NESA IAS and EU NIS directive.
Our technology team follows an IEC62443-4-1 certified secure development lifecycle process to ensure that security present at every stage of the design, and our protection relays manufacturing plants are certified ISO27001 to maintain security at the manufacturing stage.
GE monitors threats and vulnerabilities are regularly published product security advisories and security updates. Our Product Security Incident Response Team (PSIRT) can be reached at www.GEGridSolutions.com/security to report vulnerabilities.
Overview
Holistic Approach to Industrial Control Systems Cybersecurity
We are committed. GE's Grid Solutions Protection, Automation and Control solutions are certified IEC62443-4-1 and the
integration process is certified IEC62443-2-4
Key Features:
- Centralized users, roles, and password management
- Centralized logging of security events through SYSLOG
- Intrusion detection system
- Network segregation with VLANs and Firewalls
- centralized anti malware management
- Security updates
Key Benefits:
- Increased security with multi layered approach
- Interoperability with use of standard protocols
- Faster incident response with enhanced monitoring capabilities
- Assists in compliance for regulatory and international standards, such as NERC Business
Optimizing cybersecurity posture improvements with a 4 steps process
Our services include a comprehensive portfolio of methods and tools to quickly improve cybersecurity without the need to change your process. Based on major security frameworks such as NIST, NERC CIP, DoE, and IEC62443, our solutions lie on top of the industry standard security approach.
Our cybersecurity team works with you to identify the target outcomes in a security assessment workshop. The process starts with understanding the current situation, identifying threat scenarios, existing mitigation measures and risks. Risk reduction measures are then identified and grouped in a security roadmap. The solution can include various tools and processes focused on fast deployment and outage reduction. The system is then monitored for the system's life.
Learn How Customers Already Protected Their Grid Infrastructure
Centralized user management and network monitoring
A transmission utility in Middle-East efficiently prevents potential cybersecurity incidents and accurately monitor its network traffic
Regulatory compliance
A wind farm operator in Europe implemented a security architecture validated by the country authority
Security protection against malwares
A power generator plant operator updated its system against malware with no operation outage
Cybersecurity Certified Products and Processes
IEC 62443-2-4
Secure Service Provider Process Certification
GE's Grid Solutions has achieved the IEC 62443-2-4 certification as per the International Electrotechnical Commission (standard) for Electrical Equipment (IECEE) Certification Body Scheme.
The certification ensures that GE follows cybersecurity best practices as defined by the standard when we plan, design and execute Industrial Automation and Control System (IACS) projects.
IEC 62443-3-3
Product Capability Assessment Certification
GE's Grid Solutions has achieved the IEC 62443-3-3 certification as per the International Electrotechnical Commission (standard) for Electrical Equipment (IECEE) Certification Body Scheme.
The certification ensures that substation protection, automation and control solutions of GE's Grid Solutions follow the security requirements for industrial automation and control systems (IACS) related to the seven foundational requirements defined in IEC 62443‑1‑1 and assign system security levels to the system under consideration. The certification is delivered with a Secure Deployment Guide which documents the installation steps and best practices to optimize the system security.
IEC 62443-4-1
Secure Development Lifecycle Process Certification
GE has achieved IEC 62443-4-1 certification as per the International Electrotechnical Commission (standard) for Electrical Equipment (IECEE) Certification Body Scheme.
This certification ensures that GE has defined, implemented and enforced a secure development lifecycle process across all the product's lifespan - from the design to the end-of-life cycle.