Attention to Cybersecurity Solutions in EVNHCMC’s Digital Transformation

Since 2013, the Ho Chi Minh City Power Corporation(EVNHCMC) has been developing its cybersecurity system and is working to expand and upgrade it to meet security requirements in production and business activities, especially during its ongoing digital transformation.

EVNHCMC has been paying special attention to cybersecurity for its information and operational technology (IT and OT), internal security, and for its customers.

EVNHCMC OT and IT networks

Different security technologies are combined for the effectiveness of the IT Security system, including Next-gen Firewall, IDS-IPS, Database Protection, DLP, Email/Internet Gateway, APT. Solutions for the IT Security system: The IT Security system was developed to protect information systems under EVNHCMC's operations, designed based on the principles of network partitioning, multi-layer defense, involving various technologies. Accordingly, the system is divided into different areas such as central server area, branches network area, Internet-connected area, public information area, and partner connection area. A neutral area between private and public networks (DMZ - Demilitarized Zone) is deployed to ensure safety for connections to external networks such as the Internetand the OT network. 

End-user information security is enhanced through the Active Directory (AD) authentication mechanism for all personal computers. Privileged accounts are strictly managed with PIM, and IT network activities are recorded through SIEM services.

Solutions for the OT Security system: The OT Security system was developed to protect SCADA/DMS, DAS/DMS systems based on the principles of network partitioning combined with multi-layer protection, internet isolation, and Data Diode for and communications with the IT network.

OT network system is divided into different areas such as the SCADA/DMS Center network area, DAS network area, and OT-IT communication DMZ. Similar to IT security, OT security also applies multiple security technologies such as Next-gen Firewall, IDS-IPS, domain authentication mechanism, multi-factor authentication for workstations at the SCADA/DMS Center. OT Security has a dedicated SIEM system, and privileged accounts are also strictly managed with PIM.

Shared Security Operations Center (SOC) for IT and OT networks: The EVNHCMC IT & OT SOC was developed to quickly detect threats and unusual behaviors occurring in the system; provide rapid analysis and diagnosis of security events for accurate prioritization; and react quickly assessed threats, thereby minimizing damages caused by attacks.

EVNHCMC SOC includes three main groups of functions: Visibility, Analysis, and Action-Response with the core solution being the SOAR (Security Orchestration, Automation and Response) system combined with existing IT Security and OT Security solutions to form two comprehensive IT SOC and OT SOC solutions consolidated into a single system managed by EVNHCMC security expert team.

Disaster Recovery Plan (DRP) for the OT and IT networks: The DRP establishes the organization for disaster response; specific sequences to manage multiple incident scenarios; and the mechanism for reporting, data synthesizing, and statistical works. EVNHCM has been holding annual cybersecurity drills, participating in cybersecurity events organized by EVN and other institutions at national and regional levels. 

As customer data protection is becoming an increasingly important focus for EVNHCMC, the Corporation has been maintaining full compliance with EVN’s regulations on securing customer’s information, as well as securing registration data of customers visiting its Customer Service website. Several security solutions such as data encryption, transmission encryption, database protection, and customer data access monitoring are deployed for the process of storing and managing these types of information.

In the implementation of its cybersecurity solutions, besides adhering to the Government and EVN’s information security regulations, EVNHCMC has also issued and applied internal guidelines for specific activities in investment, management, and operation of its cybersecurity system.

EVNHCMC has deployed and applied an Information Security Management System conforming with the ISO/IEC 27001:2013 Standard and obtained certification in July 2017. Currently, ISO 27001 is being implemented in key information systems at the Corporation’s subsidiaries.

  • 19/08/2021 11:38
  • 336