March 6, 2024
Safeguarding Your Water System with a Multi-Pronged Approach
The Insider Blog / 5 min read
Find a distributor
Our extensive global network of distributors is ready to serve you in your local language at your time zone.
Find a distributor
Our extensive global network of distributors is ready to serve you in your local language at your time zone.
March 6, 2024
The Insider Blog / 5 min read
Our Cybersecurity team understands the importance of keeping critical data safe. Badger Meter is committed to helping our customers safeguard their system against potential threats.
Water utilities are vulnerable to many of the same cyber threats as other parties. However, even a small breach or loss of information control in the water industry can disrupt critical infrastructure systems.
Examples of threats are:
Data: The confidentiality, integrity and availability of data can be affected when digital information is not secured.
Ransomware: External actors can threaten the loss of availability of data with blackmail; seeking a “ransom” for the restoration of access.
Personally Identifiable Information (PII) Theft: A release of sensitive customer information to the public or a loss of data confidentiality.
These attacks, if successful, can also result in damage to utility reputation, as consumers lose confidence in their utility when sensitive information has been compromised.
Badger Meter employs a dedicated Cybersecurity team, comprised of individuals holding certifications from recognized, third-party authorities. Among the credentials held by individuals are Certified Information Systems Security Practitioner (CISSP), Certified Forensic Examiner (GCFE), CompTIA Security+, and Certified Information Systems Auditor (CISA).
Our data is hosted on the secure, ISO 27001-certified Amazon Web Services cloud-hosting platform, which provides resources and best practices for users to improve security posture. Company-wide, we provide regular cybersecurity and threat assessment training to employees across all departments, not just Cybersecurity and Software teams.
Cybersecurity is a critical component of the company’s Enterprise Risk Management program. Badger Meter has established an information security framework to help safeguard the confidentiality, integrity, and availability of information assets and ensure regulatory, operational, and contractual requirements are fulfilled.
We take data security and privacy matters seriously. Badger Meter maintains both physical and system security measures, as well as industry-leading technologies, to provide the appropriate data security protections for both general business/employee information as well as customer-utilized software information (BEACON® SaaS).
We are committed to ensuring the security and protection of the personal information that we control and/or process and we provide a globally compliant and consistent approach to data protection. We have an external party assess our cybersecurity risk management program using the National Institute of Standards and Technology Cybersecurity Framework (NIST CSF). We also have self-assessed our operations to the National Institute of Standards and Technology (NIST) 800-171.
We administer robust information security training for all employees, with annual certifications. Incident response planning, with regular exercises, is conducted to ensure the effectiveness of preparedness.
To help monitor and address the evolving security landscape, we leverage the world-class expertise of our tier-one cellular carrier partners for the transmission of metering data.
Unlike many AMI solutions that use shared frequencies and bandwidth, ORION® Cellular endpoints use licensed frequencies for primary communications to avoid interference from unauthorized users. ORION Cellular endpoints communicate over the private network, not over the public internet—an approach which exceeds the security provided by encryption alone.
BEACON is ISO 27001 certified and SOC 2 Type 2 examined against the Security, Availability, and Confidentiality Trust Services principles for data security.
All water systems should examine cybersecurity vulnerabilities and develop a cybersecurity risk management program. Proactive action, including developing a strong identity and access management, Single Sign-On (SSO) and network security controls (firewall, intrusion protection), and security awareness training programs (phishing tests) can lessen vulnerabilities.
Incidents of cybersecurity breaches at water utilities are increasing every day. However, one of the best ways to guard against a breach in security is to work with trusted partners and vendors who take precautions and care when it comes to protecting critical information about your process or customers.
Badger Meter works hard so your utility can prevent, detect, respond and recover from these incidents.
If you want to learn more about cybersecurity, check out these resources:
Find a distributor
Our extensive global network of distributors is ready to serve you in your local language at your time zone.