A leading North American power company has a range of different types of generation assets. These include coal, gas, wind, solar, and hydro in addition to transmission and distribution, and natural gas storage and distribution.
Challenge
- Generation assets and different OEM systems lacked security maturity
- No visibility into OT assets led to inefficiencies, outdated assessments, and delayed responses to data requests
- A fragmented approach and lack of standardized remediation and response processes for low-impact assets
- Industrial control support vendors lacked cybersecurity knowledge, which resulted in an inability to implement advanced OT security measures
Solution
- Verve® by Rockwell Automation
- Adopted “Think Global: Act Local” approach
- Technology-Enabled Vulnerability Assessments (TEVA)
Result
- 70% reduction in labor costs with the “Think Global, Act Local” approach
- Reduced time, cost, and response times thanks to greater visibility across all assets
- Lower false positives and quicker identification of response actions allowed for the least disruptive responses
A leading power company began their OT cyber journey like many others—in the pursuit of NERC CIP compliance. With growing attention from regulators and insurers, the company needed to move from a reactive posture to a proactive enterprise-aligned program.
Challenge
OT Assets Lacked Security Maturity
Over the course of three years, the power company recognized they needed to grow beyond compliance-driven cybersecurity. With nearly 80% of their infrastructure tied to power generation, gas, and distribution, they faced growing risks in environments historically underserved by traditional IT programs.
Visibility Gaps Across Systems
They also struggled with consolidating the risk view across distributed systems from OEMs like Rockwell Automation, ABB, GE, and Schneider. This resulted in legacy risk assessments that were incomplete or quickly outdated. Without centralized visibility, compliance reporting for regulators and insurers grew costly and unsustainable.
Disconnected Tools and Limited OT Expertise
Their existing approach didn’t include a platform that could scale with the company. Threat detection was fragmented and security ownership was siloed. The internal OT security team was small and existing ICS support vendors didn’t have the expertise needed to meet increased demand.
Solution
Vendor-Agnostic Systems Management Approach
The power company adopted Verve by Rockwell Automation’s OTSM solution. This robust, vendor-agnostic platform delivered enterprise-grade visibility, risk assessment, and remediation across their OT environment.
“Think Global: Act Local” Unified Strategy
The “Think Global: Act Local” (TG:AL) model allowed centralized cybersecurity personnel to analyze risks and define remediation strategies based on a real-time, 360° asset view. Then, local OT teams safely and deliberately executed these actions to help preserve plant reliability.
Technology-Enabled Vulnerability Assessment
Verve by Rockwell Automation’s platform reduced the need for manual assessments by conducting continuous, real-time risk analysis at the endpoint level. This enabled the company to detect dormant accounts, unapproved software, missing backups, and firewall misconfigurations across all OEM systems.
Remediate, Respond, Recover Framework
The 3R cybersecurity model—Remediate, Respond, Recover—allowed sites to patch systems, harden configurations, and clean up vulnerabilities. When potential threats like brute force login attempts surfaced, the team was able to quickly respond. The team also implemented a centralized backup strategy across multiple OEM devices for recovery readiness.
Hands-On OT Cybersecurity Expertise
The skilled team members supported segmentation design, vulnerability management, and remediation across the gas, coal, and electric systems. The team also worked together with their OT cyber team to help close the skills gap and accelerate security maturity at scale.
Result
Reduced Cost and Time for Cyber Risk Assessments
By aggregating data across wind, solar, hydro, fossil, nuclear, distribution, and gas operations, the company built a single, real-time view of OT cybersecurity risks. This lowered the response time for board and insurer risk requests from weeks to hours.
Improved Threat Detection and Faster Response
The company successfully reduced false positives and accelerated threat response by integrating endpoint behavioral data into their detection capabilities. As a result, their system now enables faster identification of risks and more targeted mitigation efforts with less labor-intensive processes.
Enterprise-Wide Efficiency Without Added Headcount
The OTSM platform now manages dozens of sites across a wide geographic footprint. With a unified risk view that contained OT and IT data, the company achieved their goal of supporting a stronger, enterprise-wide cybersecurity posture while reducing labor costs by up to 70%.
Published July 28, 2025