Over 20 years ago, our founders envisioned how technology could be used to create a redundant, scalable, and resilient solution to quickly and reliably alert entire populations in the face of critical events. In that time, Everbridge has built a category-leading, unified critical event management platform trusted by more than 6,500 global organizations. According to a recent Forrester Consulting commissioned study, after investing in Everbridge’s CEM platform, interviewees’ organizations had “the capabilities and resources to effectively respond to and contain critical events, allowing them to better protect employees, company assets, and business processes.”
Since our beginnings, the Everbridge brand has stood for protecting our customers’ most valuable assets, their people. We are pleased to unveil our evolved Everbridge brand, renewing our mission to keep people safe and organizations running.
Our revised logo is an elegant and simple reflection of the resilience we provide to our customers, their rapid response to critical events, and most importantly the speed and upward strength of the recovery process. Our evolved brand is also a reflection of our desire to continue to serve you, our customer, with a modern comprehensive critical event management platform.
In an increasingly unpredictable world, resilient organizations minimize the impact events have on their people and operations. In the future we imagine a world where we empower our customers to absorb stress, return to productivity faster, and be more resilient.
We are grateful for your continued support and loyalty as we embark on this exciting new chapter for our company.
President & Chief Executive Officer, Everbridge
Adlan Hussain, Product Marketing
As noted in the Wall Street Journal in February 2023, physical attacks on the U.S. power grid rose 71% last year compared with 2021 and will likely increase this year.
The U.S. power grid is of critical importance to our national security and economic security, but in an increasingly connected world where physical and cyber attacks are becoming more frequent, executives must be aware of the potential risks posed by malicious actors targeting their power grids. In recent years, malicious actors have increased their efforts to penetrate and damage U.S. power grids through both physical and cyber attacks. This has been seen with the North Korean WannaCry ransomware attack on American energy companies in 2021, as well as other attacks on American nuclear and power infrastructure over the past few years. Malicious actors may also target the grid for financial gain or simply for disruption, making it essential for executives to stay vigilant when it comes to protecting their company’s systems from all types of security threats.
What is critical infrastructure protection?
Critical infrastructure protection (CIP) refers to the efforts to safeguard the essential systems and assets that are vital to the functioning of a society, economy, or nation-state. These systems and assets fall within key critical infrastructure sectors that are considered essential to the functioning of a nation and its people. These sectors are typically identified by governments and international organizations and are recognized as critical because they are vulnerable to physical and cyber threats and attacks that could cause significant harm or disruption to society.
The critical infrastructure sectors can vary slightly depending on the country or organization defining them, but generally, they include power grids, water treatment facilities, transportation networks, communication systems, financial institutions, and other critical facilities. These sectors are interdependent and interconnected, meaning that an attack or disruption in one sector can have a cascading effect on other sectors and society as a whole.
The aim of CIP is to prevent, detect, and respond to any physical or cyber threats that may impact the availability, integrity, or reliability of these critical infrastructures. CIP involves a wide range of activities, such as
- Risk assessment
- Vulnerability analysis
- Threat detection
- Emergency response planning
- Cybersecurity measures
What elements of the power grid are considered CIP?
The United States power grid consists of key elements that all need to be protected, which include;
- Generation: The power grid begins with power plants, which produce electricity from a variety of sources, including fossil fuels, nuclear energy, and renewable resources like solar and wind.
- Transmission: Once electricity is generated, it is sent over long distances through high-voltage transmission lines to substations.
- Substations: These facilities step down the high-voltage electricity to lower voltages for distribution to local areas.
- Distribution: Local distribution systems then deliver the electricity to homes, businesses, and other users.
- Control systems: The power grid is monitored and controlled by sophisticated computer systems that ensure the proper balance of supply and demand and help prevent blackouts and other disruptions.
- Workforce: A skilled workforce is necessary to operate and maintain the power grid. This includes engineers, technicians, electricians, and other professionals.
Ensuring the security and protection of these assets is critical for the functioning of society and the economy, and any disruption or attack on these power grid elements can have significant consequences. Therefore, efforts to protect the power grid from physical and cyber threats are a key component of critical infrastructure protection.
What can be done to protect critical infrastructure
Power grid operators must take a proactive approach when it comes to protecting all of the elements highlighted above. Companies should regularly assess and address weaknesses in their systems, adopt the latest technologies, and stay up to date with government regulations concerning critical infrastructure protection.
Fortunately, there are steps businesses can take to protect their operations from attack. The U.S. government has a set of regulations which sets out guidelines for how companies should implement critical infrastructure protection to protect their power grids from threat actors and other accidents that could cause ballistic damage or other forms of destruction to infrastructure and private utilities operations. Companies should strive to comply with these standards in order to remain secure against malicious intrusions and vandalism, both physical or digital.
Technologies such as Physical Security Information Management can be used to monitor their perimeter and detect threats before they have the chance to penetrate the system. Companies should also look into investing in physical security measures such as surveillance cameras, video analytics, perimeter intrusion detection systems and hostile vehicle mitigation systems.
On the digital side, cyber-attacks are becoming more prevalent for disrupting normal operations. Whether intentional harm or a way to try new code, attackers are actively looking at utilities as a way to cripple both the economy and our daily lives. While we saw the effects of the Colonial Pipeline attack, it is now realized the payoff can be beneficial and because of this more vulnerabilities are being sought after and exposed. This can be anything from passwords being leaked to legacy systems that have not been updated. Operators now have more pressure to ensure systems are up to date and there is visibility into all systems while staying current with governmental regulations.
To ensure performance in all aspects of grid operations, technology to facilitate and automate the response to incidents can be put in place with a digital operations platform. Bolstering resilience by assessing, acting, and analyzing incidents, disruptions can be handled efficiently and effectively prior to affecting customers and improving responses to future events.
By taking these steps—and staying up-to-date with government regulations—executives can ensure that their businesses remain safe against any type of attack while continuing to provide reliable service for customers across the country. Additionally, it is important for companies to build strong relationships with public security agencies like the Department of Homeland Security and local agencies to share information on threats both at a national and local level.
Contact us to learn how Everbridge can help safeguard your organization with a digital operations platform.
Five cases where receiving the right care, at the right time, made all the difference. Everbridge Assist, powered by Anvil.
Whether dealing with online threats to the safety of your people or security of your assets, Everbridge Signal can help.
There are billions of people online right now. Among that noise is information that could be vital to your organization’s safety and security. Everbridge Signal will help you find relevant information using Artificial Intelligence and Machine Learning. Detect incidents in real-time by gathering data from public sources including the dark web, deep web and social media. Whether your issues are cyber or physical, Signal can help.
Whether the issue is as direct as a threat to citizens, or physically intangible such as misinformation, Everbridge Signal can help.
Higher education is a hot spot for physical and digital threats. However, digital threats have pushed the world of higher education to a breaking point, with ransomware becoming one of the most devastating threats to higher education in recent years.
The Impact of Ransomware on Higher Education
While ransomware is not a new threat, attacks have risen by 105% across the globe since 2020, and its effects have been devastating. With ransomware attacks doubling since 2019 and showing no signs of slowing, higher education institutions have been left scrambling to thwart these digital threats. Unfortunately, efforts to repel ransomware haven’t been as impactful as the industry would like. According to EdScoop, a website dedicated to helping K-12 and higher education leaders keep ahead of technology changes and threats impacting school districts, 44% of respondents in education reported being attacked by ransomware. The average cost to remediate the impact of a ransomware attack peaked at $2.73 million USD: 48% higher than the global average across all sectors.
Ransomware’s Impact on Higher Education is Global
While it’s easy to look at ransomware as a threat impacting higher education institutions far away, ransomware attacks occur across institutions of higher learning around the globe. For example, the UK has experienced a spike in ransomware attacks in the education sector much like the US, with the UK’s National Cyber Security Centre (NCSC) issuing formal guidance on the sharp increase of attacks in an effort to combat the uptick in cybercriminal activity.
The impacts of ransomware, beyond the price tag to remediate them, are far-reaching. According to a Sophos study, 58% of higher education institutions hit by ransomware said cybercriminals were successful in encrypting their data. Only 68% of education institutions that paid a ransom to get their data back were successful in data recovery.
Of all the targets cybercriminals have, higher education has become one of the most popular. Since higher education notoriously suffers from tight budgets and underfunding, this should come as little surprise. With a lack of proper tools for combating digital threats at their disposal and open remote desktop ports and databases greatly increasing their vulnerabilities, cybercriminals have a much easier time hacking and disrupting university networks than those of other institutions and industries, making ransomware attacks easier and more effective.
Protecting Against Ransomware in Higher Education
Protecting students, staff, and assets from the effects of a ransomware attack is no easy task, but it is far from an impossible undertaking. To effectively combat ransomware attacks, higher education institutions must find creative ways to use their highly restrictive budgets to their advantage: investing in solutions that scale to future threats while simultaneously securing the safety of their people and assets in the present. The Everbridge Digital Operations Platform empowers higher education institutions by giving them the tools needed to combat the biggest threats in the industry, allowing decision-makers in higher education to better meet the safety and security challenges of their institution while maintaining readiness as new digital threats and trends emerge.
To learn more about how our Everbridge Digital Operations Platform can help your institution protect and prepare, explore.