Safeguarding Critical Infrastructure: Optiv and NREL's Substation Security

June 26, 2023
Optiv partnered with the National Renewable Energy Lab (NREL) to deploy cybersecurity tools in a substation environment. This white paper provides the results of our penetration test on systems within this environment to determine cybersecurity alerting effectiveness. Our analysis focuses on the significance of adversary dwell time, cybersecurity operations center (SOC) alert fatigue, and knowledge gaps in critical substation environments where OT and IT cybersecurity converge.