IronNet and AWS Help New York Power Authority Prevent Cyberattacks at Scale

Executive Summary

IronNet Inc. joined forces with AWS to deploy IronNet’s Collective Defense cybersecurity platform to protect the New York power grid from well-funded and nation-state-sponsored threats. IronNet helps organizations to secure their networks by delivering a Collective Defense platform that operates at scale. The solution is powered by Amazon EC2 servers and Amazon S3 storage.

How Collective Defense Protects Industry Ecosystems

With the rise of sophisticated threat actors and state-supported adversaries, cybersecurity continues to be a costly battle that organizations fight on their own. To help tackle this challenge, IronNet Inc., an Amazon Web Services (AWS) Public Sector Partner, leverages the scale and flexibility of the AWS Cloud to turn traditional cyber defense on its head—through a Collective Defense approach to cybersecurity.
IronNet’s network detection and response (NDR) solution, IronDefense, monitors network traffic data to identify abnormal activity and alert potential attacks. Security operations center teams can anonymously share attack intelligence with other security teams in related industries and peer groups in a real-time ecosystem called IronDome. This Collective Defense platform gives security analysts the necessary situational awareness across industries, competitors, and those who share a common supply chain to see an attack earlier and work together to stop it in its tracks.

Protecting New York State Utilities

To protect utilities across the United States, the IronNet Collective Defense approach bands together security teams across different companies to provide comprehensive visibility and tactical coordination to quickly spot suspicious network activity and share anonymized threat data in real time. Joining IronNet in this endeavor is the New York Power Authority (NYPA), the nation’s largest state public power organization, which serves 50-plus municipalities and electric cooperatives in addition to statewide power utilities.
Protecting the New York State utility ecosystem from cyber threats is a top priority for IronNet and NYPA. Should one municipality suffer an infrastructure breach, others could be left vulnerable to the same attack.
“We want to help municipal utilities implement strong IT security programs that detect and mitigate cyberattacks,” says Victor Costanza, deputy chief information security officer at the New York Power Authority. “We also need to keep the cost down and streamline deployments. Funds and resources for municipalities are limited, so it’s difficult for them to implement sufficient security controls and then monitor their infrastructures.”

AWS Cloud: A Key Helper of Collective Defense

In addition to the Collective Defense capabilities IronNet delivers, scalability is a key factor in creating a collaborative cybersecurity solution. The IronDome system needs to handle threat detection and intelligence in real time and promote threat sharing and collaboration across the regional and national power grid. NYPA also wants to keep the cost down so municipal utilities can pay for the program while remaining within their budgets.
To help meet these requirements, IronNet turned to AWS as the ideal cloud environment. “Our solution could not exist without AWS,” emphasizes Shawn Wallace, vice president of energy business development at IronNet. “As a premier cloud provider, AWS has helped a shift in cybersecurity so teams from different organizations can share information and work together.”
Key AWS services powering the collective cyber defense solution include Amazon Elastic Compute Cloud (Amazon EC2) servers and Amazon Simple Storage Service (Amazon S3), which stores threat data and intelligence. The Amazon Route 53 domain name system connects authorized users to application services while Amazon Simple Notification Service (Amazon SNS) sends security alerts and notifications.
The ability of AWS compute resources to scale cyber defense resources allows IronNet to deliver threat detection and attack intelligence that is cost-effective. This scalability makes it more likely that other utilities will participate in the Collective Defense community.
“When we offer IronDome to potential customers, AWS technology gives us market credibility and the ability to roll out the service fast,” explains Edward Potter, regional sales director at IronNet. “We can build the community more quickly to better protect the grid, especially given that many organizations already use AWS for IT services outside cybersecurity.”
“With the technologies provided by IronNet and AWS, the IT and power infrastructures that each entity in our ecosystem operates can collect anonymized cyber threat information that benefits other utilities,” Costanza adds. “If one is attacked, IT teams will know in near-real time so they can take proactive mitigation steps.”

Providing Greater Visibility into Unknown Attacks

To bring the solution from IronNet and AWS to the New York energy ecosystem, NYPA first implemented pilot tests in three municipalities. Costanza discusses the benefits that the utilities can realize: “We can detect and gain visibility into threats on the network edge—before they breach digital assets. While traditional intrusion protection systems detect only known attacks based on signatures, we can also detect unknown attacks.”

“Our solution could not exist without AWS. As a premier cloud provider, AWS has helped a shift in cybersecurity so teams from different organizations can share information and work together."

-  Shawn Wallace, vice president of energy business development at IronNet

A Cybersecurity Blueprint for Any Industry

Running the pilot was key because municipalities and state agencies don't have time to look at a solution that’s not immediately actionable. IronNet provides a security solution proven to work in the utility ecosystem.

Wallace concludes, “With help from AWS and NYPA, we have created a blueprint that’s applicable to any ecosystem, whether it's an industry or a state association. We bring them all together so they can leverage what others are experiencing and learn better ways to protect the entire ecosystem from cyberattacks.”

Channel 4

About About the New York Power Authority (NYPA)

NYPA is the largest state public power organization in the nation, operating 16 generating facilities and more than 1,400 circuit-miles of transmission lines. More than 80 percent of the electricity NYPA produces is clean renewable hydropower. NYPA uses no tax money or state credit. It finances its operations through the sale of bonds and revenues earned in large part through sales of electricity.

About IronNet Inc.

Founded in 2014 by General (Ret.) Keith Alexander, IronNet Inc. is a global cybersecurity leader that is transforming how organizations secure their networks by delivering the first-ever Collective Defense platform operating at scale. Employing a number of former National Security Agency cybersecurity operators with offensive and defensive cyber experience, IronNet integrates deep tradecraft knowledge into its products to solve the most challenging cyber problems facing the world today.

Published January 2022