By Chris Cox
Published Oct. 28, 2015
(From Oct. 12-25, 2015 issue of Columbia Regional Business Report)
South State Bank employees get excited when they see CEO Robert Hill on MSNBC. Ross Bagley, however, starts “to sweat a little bit.”
“As we continue to grow and get mentioned on Wall Street, the target on our back grows bigger,” the bank’s senior vice president of technology said. “It just means there’s going to be more challenges for us and more threats trying to get in our space.”
Cybersecurity remains one of the biggest focuses of IT departments nationwide, Bagley and SCANA CIO Randy Senn said during the recent Carolina Technology Conference & Expo at the Columbia Convention Center.
As hackers become more adept at cracking systems, technology officers like Bagley and Senn must stay ahead of the game.
“When you think about security, really just a few years ago, your mind kind of thinks about firewalls and antivirus,” Bagley said. “It kind of stopped right there. Over the last several years with the continual breaches we all hear about monthly, if not weekly, your focus on access management, intrusion prevention, network traffic, flow analysis and data encryption have all really become everyday things for most of us.”
Senn’s team focuses more attention on cybersecurity than it does anything else in the IT area, he said.
An integrated security operations center serves as the hub for monitoring SCANA’s integrity. The central location directing network traffic throughout the company protects everything from customer information and accounting systems to the operations side of the organization.
“We have concerns about open and close breakers, open and close gas valves, plant operating systems,” he said. “Those are our real critical things we need to make sure we manage and protect. The integrated security operation center allows us to view all of that.”
But even the smaller, more tedious details manage to draw Senn’s attention. SCANA’s IT team is constantly reacting to alerts for devices that might have vulnerability, and the company is currently working on a plan to manage USB devices and connectivity throughout the organization.
While not necessarily shutting down their use completely, Senn is trying to limit employees’ exposure to such storage devices.
“That’s one of the most difficult projects I’ve been involved with, right up there with taking away employees’ printers,” he said, laughing. “The thing you’ve got to balance, especially if it’s a utility like us, is there’s so many devices you use in the field relying on a USB port to operate.”
Despite hackers’ recent advances, it’s still the old-school phishing attempts that continue to test IT officials’ patience. About 90% of all breaches still come from these types of attacks, Bagley said.
“It’s not because they’ve broken through our firewall,” he said, “it’s because they’ve broken through our process.”
These hackers know when employees take their holidays, and they visit LinkedIn and other social media pages to learn about personal lives, job titles and even password possibilities, the panel said.
Senn recalled a recent phishing attempt that looked just like an internal message from SCANA CEO Kevin Marsh asking the staff to pay a customer. Marsh recognized the attempt, but a less savvy accounts payable clerk may not have, Senn said.
“In the end, all we really know is it’s truly not a matter of it, it’s a matter of when,” Bagley said. “When it happens, are you aware of it?
“Are you able to see what these abnormalities are in your network flow and pin down who and where that happened, and what data went out the door so you can then manage the communication flow that comes from that?”
Reach Chris Cox at 803-726-7545 or on Twitter @chrisbcox.