The Lieberman RED -- Rapid Enterprise Defense™ Suite -- from Lieberman Software Corporation (Los Angeles) is designed to help utilities in critical national infrastructure industries, such as water, power, oil and gas, meet U.S. federal government cybersecurity regulations.
The North American Electric Reliability Corporation (NERC) is committed to protecting utilities against cyber-attacks that could lead to malfunctions or instability, through its NERC Critical Infrastructure Protection (CIP) cybersecurity standards (NERC CIP Version 6). Penalties for non-compliance with NERC CIP can include fines, sanctions or other actions.
These standards require utility owners, operators and users to:
- Identify critical IT assets and regularly perform a risk analysis of those assets
- Establish policies for monitoring and changing the configuration of critical IT assets
- Enforce IT controls protecting access to critical cyber assets
- Deploy systems for monitoring cybersecurity events
The five cybersecurity modules of the Lieberman RED Suite help IT identify and repair weaknesses in security configuration, implement strong privileged identity and access management. The modules also provide automated remediation capability when an attack is detected. The software lowers the cost and uncertainty of NERC CIP compliance by:
- Discovering and changing default passwords on existing and new hardware and software assets
- Maintaining minimum complexity and change frequency standards for privileged account passwords
- Providing authoritative audit trails of privileged access requests on systems and applications
- Proving that individuals who are terminated or change job roles no longer have access
- Enforcing system access controls
- Maintaining an accurate inventory of systems and accounts — and how they are used
- Preventing malicious code from executing