GlobalSign Collaborates With the National Cybersecurity Center of Excellence (NCCoE) to Release an Identity and Access Management Practice Guide to Help Energy Companies Reduce Cyber Risk

Step-by-Step IdAM Practice Guide Enables Utility Companies to Implement a Centralized Identity and Access Management System and Authentication Controls Across the Enterprise


BOSTON, MA--(Marketwired - Oct 1, 2015) -  GlobalSign, a leading provider of identity services for commerce, communications, content, and communities, today announced a collaboration with the National Cybersecurity Center of Excellence (NCCoE) to develop a draft guide that will help energy companies implement Identity and Access Management practices to achieve secure access and authentication controls and reduce cybersecurity risk.

As the country's national lab for cybersecurity, the NCCoE brings together people from industry, technology companies, government agencies, and academia to collaborate on applied cybersecurity to address broad challenges of national importance. As an increasing number of technologies, devices, and systems come online and connect to our electric grid systems, an increased need in protection from cybersecurity attacks is inevitable.

To help address these cybersecurity challenges, GlobalSign, as well as other vendors, have been working closely with the NCCoE at the National Institute of Standards and Technology (NIST). The project demonstrates a centralized Identity and Access Management (IdAM) platform that can provide a comprehensive view of all users across different functions; including information technology (IT) physical access, and operational technology (OT), within the enterprise, and furthermore ensuring appropriate access rights have been granted to the right type of users. A draft guide has been published providing a step by step implementation guide on how utilities can control physical and logical access to resources across the enterprises using standards, best practices, and commercially available products.

"Collaborations such as this are invaluable to the NCCoE's work because they allow us to build an experienced team from industry, academia, and government to solve a critical cybersecurity challenge," said James McCarthy, Senior Security Engineer and project lead for the NCCoE's energy sector team. "We want to show that any organization can use standards, best practices, and commercially available technologies to improve cybersecurity, reduce risk, and improve its security posture." 

"GlobalSign is proud to be a collaborating vendor to provide NCCoE our technology and expertise in Identity and Access Management and help join forces with vendors alike to simulate a test environment to provide access control capabilities to reduce the risk of cyber-attacks," said Lila Kee, Chief Product Officer, GlobalSign. "At GlobalSign we are committed to providing cost-effective and scalable identity solutions that allow organizations to employ a variety of authentication methods, ranging from social log-ons to PKI-based digital certificates."

As a participating vendor, GlobalSign was able to simulate access control for users accessing critical systems across several silos that required high assurance identity credentials. Specifically: the simulated test environment utilized GlobalSign's Managed PKI platform to issue and manage NAESB WEQ-12 digital certificate for secure network access of both internal and external users.

Over the last three years, GlobalSign has played a leading role in the development of security best practices and standards needed to secure the utility industry and critical national infrastructures alike. Specifically, GlobalSign is an active participant in the North American Energy Standards Board PKI subcommittee and Lila Kee, GlobalSign's Chief Product Officer holds a board of directors seat on NAESB Wholesale Electric Quadrant (WEQ) to provide cybersecurity expertise and help share security policies and technology standards for the energy sector. Collaborating with NCCoE and industry experts on the IdAM Practice Guide has allowed GlobalSign to further strengthen and encourage protection against cyber attacks.

The draft guide can be found at the NCCoE website. The NCCoE welcomes comments on the guide via email or an online form through late October.

For more information on GlobalSign's Identity Solutions for Energy Companies, please visit https://www.globalsign.com/en/verticals/energy/

About NCCoE
The NCCoE is the U.S. cybersecurity national lab, addressing businesses' most pressing cybersecurity problems with practical, standards-based solutions using commercially available technologies. The center collaborates with industry, academic and government experts to build modular, open, end-to-end reference designs that are broadly applicable and repeatable. As a non-regulatory agency of the U.S. Department of Commerce, NIST promotes U.S. innovation and industrial competitiveness by advancing measurement science, standards and technology in ways that enhance economic security and improve our quality of life. To learn more about NIST, visit www.nist.gov.

About GMO GlobalSign
GlobalSign, founded in 1996, is a provider of identity services for the Internet of Everything (IoE), mediating trust to enable safe commerce, communications, content delivery, and community interactions for billions of online transactions occurring around the world at every moment. Its identity and access management portfolio, acquired from Ubisecure in September 2014, includes access control, single sign-on (SSO), federation and delegation services to help organizations and service providers create new business models for customer and partner interactions. The former Ubisecure operation is now the GlobalSign Center of Excellence for IAM, located in Helsinki, Finland. GlobalSign's solutions are designed to address the massive scalability demanded by the emerging $14.4 trillion IoE market, where the ability to make secure networked connections among people, processes, data and things, will require that every "thing" have a trusted identity that can be managed. The company has offices in the U.S., Europe and throughout Asia. For the latest news on GlobalSign, visit www.globalsign.com or follow GlobalSign on Twitter (@globalsign).

About GMO Cloud KK
GMO Cloud K.K. (TSE: 3788) is a full-service IT infrastructure provider focused on cloud solutions. Established as a hosting company in 1996, the company has managed servers for more than 130,000 businesses and now has 6,500 sales partners throughout Japan. In February of 2011, the company launched GMO Cloud to enhance its focus on cloud-based solutions. Since 2007, the company has also grown its GlobalSign SSL security brand through offices in Belgium, U.K., U.S., China and Singapore. For more information please visit http://ir.gmocloud.com/english/.

GMO Internet Group
GMO Internet Group is an Internet services industry leader, developing and operating Japan's most widely used domain, hosting & cloud, ecommerce, security, and payment solutions. The Group also comprises the world's largest online FX trading platform, as well as online advertising, Internet media, and mobile entertainment products. GMO Internet, Inc. (TSE: 9449) is headquartered in Tokyo, Japan. For more information please visit http://www.gmo.jp/en/.