Malicious cyber attacks are a major concern for utilities and have cost the U.S. economy billions of dollars a year. PNNL researchers have developed multiple tools to help thwart these malicious activities, and among them is CFT. The software tool provides a way for utilities and their associated vendors to identify, detect, and respond to emerging cyber threats or vulnerabilities to critical infrastructure. How? CFT provides an easy-to-follow set of best practices, policies, and procedures to improve the cybersecurity postures of critical infrastructure. It works by identifying gaps or areas for improvement where the smartest investments can be made to bolster cybersecurity efforts.
A dynamic “train the trainer” tool called the Cybersecurity Training Game Simulator is built into CFT. The simulation game provides interactive training scenarios based on major cyber attacks that happened in the United States during the past decade. In each scenario, every aspect in the CFT—identification, protection, and response—is weighted and assigned a resource value. This way, cybersecurity experts can identify, in a hands-on way, potential solutions that would lead to the most cost-effective cybersecurity improvements. The game also includes training on systems and policy levels and brings together an organization’s experts in information technology and operational technology to make informed decisions.
The complete CFT framework or the standalone Cybersecurity Training Game Simulator are available for licensing. To learn more, visit booth #1964. You also can contact PNNL Commercialization Manager Peter Christensen at peter.christensen@pnnl.gov.