Natural gas and electric company NiSource (NYSE: NI) became today the latest investor-owned utility to join the North American Energy Security Assurance Database (NAESAD). Through NAESAD, NiSource, American Electric Power (AEP), Avangrid, and Fortress Information Security securely share the latest essential information on software products managing mission-critical applications for the U.S. energy industry.
NAESAD will provide the energy industry with a comprehensive Software Bill of Materials (SBOM) repository for every vendor. Over the past several years, SolarWinds and Log4J vulnerabilities have highlighted the need to have a fundamental accounting for every software component used within the energy industry. In close collaboration with forward-looking software providers, NAESAD enables critical infrastructure companies to identify, triage, and remediate the most impactful and destructive risks.
“SBOMs are an important tool in our work to secure our most critical assets,” said Carla Donev, NiSource Vice President of Infrastructure and Chief Information Security Officer. “The utilities industry has a history of teaming up to secure the U.S. power grid. What’s good for the electric companies can also work for those of us in natural gas as well. NAESAD provides the apparatus for us to work with vendors and suppliers we know and trust. NAESAD will help us make sure we can share SBOMs safely to create a more resilient cybersecurity infrastructure.”
SBOMs provide the recipe of proprietary and open-source ingredients in software that run critical infrastructure technologies. SBOMs provide actionable information to purchasers so they can make informed decisions about software and help improve the security of applications.
Also Read: Cyber-security Mesh Architecture (CSMA) Implementation Strategies
“NiSource is one of several companies that has stepped up, making it known they want to secure their customers, the industry, and the nation,” said Fortress CEO Alex Santos. “By joining NAESAD, NiSource is making it possible for all Americans to feel more certain that the energy sources they rely on are protected.”
NiSource joins NAESAD less than one month after the White House unveiled its 2023 National Cybersecurity Strategy earlier this month. The Strategy calls for “promoting the further development of SBOMs as part of a process to mitigate the risk coming from unsupported software. Besides the Cybersecurity Strategy and the Executive Order, the Cybersecurity and Infrastructure Security Agency (CISA), The National Institute of Standards & Technology (NIST), and The Office of Management and Budget (OMB) have laid the groundwork for new SBOM requirements for companies that work with the U.S. Department of Energy, U.S. Department of Homeland Security, and other organizations responsible for U.S. critical infrastructure. Additional SBOM requirements for utilities and other critical industries are expected over the next year.
NiSource has approximately 3.2 million natural gas customers in six states (Indiana, Kentucky, Maryland, Ohio, Pennsylvania, and Virginia) as well as more than 500,000 electric customers in Indiana, under the Columbia Gas and NIPSCO brands.
For more such updates follow us on Google News ITsecuritywire News. Please subscribe to our Newsletter for more updates.