下载PDF
Rapid7 > 实例探究 > Nebraska Public Power District Fights Phishing, Meets Compliance Requirements with Nexpose and Metasploit
Rapid7 Logo

Nebraska Public Power District Fights Phishing, Meets Compliance Requirements with Nexpose and Metasploit

技术
  • 网络安全和隐私 - 网络安全
  • 网络安全和隐私 - 安全合规
  • 网络安全和隐私 - 端点安全
适用行业
  • 公用事业
适用功能
  • 商业运营
  • 设施管理
服务
  • 系统集成
  • 培训
挑战
The Nebraska Public Power District (NPPD) faced a complex compliance situation due to various regulatory mandates, including NERC CIP standards, HIPAA, and specific cyber regulations for their nuclear facility. As a publicly powered state, Nebraska's electric utilities are owned by the public, adding another layer of complexity. NPPD needed to ensure robust cybersecurity measures across its 4,000 assets spread over 19 sites, while also addressing the increasing sophistication of phishing attacks. The organization aimed to improve its overall security posture and meet compliance requirements effectively.
关于客户
Nebraska Public Power District (NPPD) is the largest electric utility in the state of Nebraska, providing electrical power to 86 of the 93 counties. As a vertically integrated utility, NPPD handles generation, transmission, distribution, and retail services. The organization is a political subdivision of the state, meaning it operates independently while adhering to state statutes. NPPD employs a mid-size team dedicated to cybersecurity, with additional support from IT personnel across various sites. The organization has been proactive in cybersecurity training and awareness, particularly in combating phishing attacks.
解决方案
NPPD has been a Rapid7 customer since 2009, utilizing Nexpose Enterprise Edition for vulnerability management and Metasploit Pro for penetration testing. The integration of these tools allowed NPPD to efficiently manage and remediate vulnerabilities across its assets. Nexpose provided an intuitive interface and clear remediation steps, making it easy for administrators to perform scans and address vulnerabilities. Metasploit Pro enabled NPPD to conduct phishing exercises and assess user vulnerability, enhancing their overall security posture. The combination of these tools helped NPPD meet compliance requirements and improve cybersecurity awareness among employees.
运营影响
  • NPPD's use of Nexpose and Metasploit has significantly improved their ability to manage and remediate vulnerabilities across their assets.
  • The intuitive interface and clear remediation steps of Nexpose made it easy for administrators to perform scans and address issues.
  • Metasploit Pro enabled NPPD to conduct effective phishing exercises, enhancing employee awareness and reducing user vulnerability.
数量效益
  • 45-55% increase in systems meeting goal threshold.
  • Initially, only 25% of systems met the security threshold goal; now, 70-80% of systems meet the goal regularly.

相关案例.

联系我们

欢迎与我们交流!

* Required
* Required
* Required
* Invalid email address
提交此表单,即表示您同意 IoT ONE 可以与您联系并分享洞察和营销信息。
不,谢谢,我不想收到来自 IoT ONE 的任何营销电子邮件。
提交

Thank you for your message!
We will contact you soon.