On average, a computer data breach can go undetected for more than six months—plenty of time for a cyber criminal to snoop around, cause mayhem, and steal valuable personally identifiable information.
That’s expected to end early next year when a new tool from NRECA and the Department of Energy designed to fight cybercrime becomes commercial.
The creators of the system, dubbed Essence, will trim the average time between a breach and detection from 204 days to only one hour, says NRECA Chief Scientist Craig Miller.
“The future of cyber security is knowing when there is a breach,” Miller says. “Two-hundred and four days is too much time for an attacker to research, steal, and cause destruction.”
Miller says Essence is essentially an algorithm that establishes a “normal” state for a computer network and monitors the system continually for anything out of the ordinary. When an anomaly is detected, an alarm is raised.
“This turns network security upside down,” Miller says. “Current network security tries to establish what all the bad stuff in the world is, then keep it out. This means you’re always a step behind the hackers. The Essence system simply asks, ‘Is it normal for our network?’ If the answer is no, access is denied, and a network engineer is notified.
To date, the National Rural Telecommunications Cooperative has already deployed some elements of Essence technology in a new monitoring product it is testing to look for hot sockets that indicate fire or electrical problems.
“Essence is a simple, affordable, effective tool for keeping a network safe,” Miller says. “This could be a real game changer, not just for the utility industry but all industries that use computer networks.”