Louisville Water Company has been providing safe, high-quality drinking water to the Louisville Metro area since 1860. Louisville Water serves nearly one million customers in Louisville and across 6 neighboring counties. Their water (coined Louisville pure tap) won the award for “best-tasting tap in America” from the American Water Works Association in 2008. Louisville Water’s mission is to continue to distribute excellent water and services, earning the trust of their customers.
Like many organizations, Louisville Water had security positions and initiatives that were difficult to staff and achieve given the high demand and limited supply of cybersecurity expertise. Louisville Water has an advanced IT architecture and is charged with protecting critical public infrastructure. This makes Louisville Water an attractive target to nation-state actors who might wish to sabotage or extort a vital public utility. Therefore, Louisville Water’s cybersecurity posture is periodically audited by regulatory agencies.
With millions of customer records and employee data, Louisville Water is routinely targeted by garden-variety criminals who seek access. Louisville Water has made significant investments in tools and applications to protect the business. Like many organizations, it saw the need to invest in technologies that increase visibility and forensics, including processes and personnel to improve mean time to remediation. As a result, Louisville Water decided to focus their efforts on controls, applications, and processes to provide visibility and alerting when attacks happen, as well as forensics for root cause analysis.
Volta established a Software-as-a-Service model for security and network devices in Louisville Water’s environment by implementing solutions for Security Information and Event Management (SIEM), Security and Network Device Management (SDM), a Vulnerability Assessment System (VAS) and a 24x7x365 Security Operations Center (SOC). Volta has become an extension of Louisville Water’s team and routinely coordinates with their IT architects in storage, compute/sysadmin, application development, database administration, and networking to gather visibility and provide security guidance based upon agreed methods of procedure.
- Install and configure Icinga, OpenVAS, Elastic Stack, and SIEM SaaS in Louisville Water’s environment.
- Provision all security and network devices for monitoring in Icinga.
- Conduct monthly Vulnerability Assessments (VA) and address VA-derived gaps.
- Devise and document workflows.
- Provide continuous monitoring and security management of Linux servers.
- Provide agent-based solutions for servers and desktops to feed monitoring.
- Provide training and awareness to users and administrators.
- Device and policy configuration for all security assets.
- Security dashboards for failed logins, scanning, recon, connection and bandwidth anomalies, malware infections, intrusion preventions, signature matches, C&C activity, lateral spread behaviors, DNS.
- Management dashboards to monitor device health by CPU and memory, configuration changes, reboots, system up/down, link up/down.
- Web policy and email policy violations reporting.
Since engaging Volta to implement managed services for security and network devices, Louisville Water has experienced a 40% cost reduction along with an improved security posture and increased effectiveness. Furthermore, Volta’s security practice established a methodology and provided an economy of scale which spared Louisville Water the cost of buying supplementary tools and licenses or training people to deploy and operate them. This managed service freed Louisville Water staff to focus on more strategic departmental objectives and new business initiatives.
In conclusion, Louisville Water Company has improved the protection of their assets and data through working with Volta. They have also gained more insight into the current state of their environment. Louisville Water now has a more effective security architecture for a lower cost. They have better visibility, protective alarming, event management, monthly vulnerability assessments and continuous monitoring 24x7x365, all of which was installed and is continuously supported by Volta.