础颁贰笔鈥檚 data team conducts cybersecurity assessments in Kotzebue

Joy Lomelino, RJ Michael and Solomon Himelbloom pose for a photo in front of the KEA building.
Photo by John Haverlack/ACEP
Joy Lomelino, RJ Michael and Solomon Himelbloom pose for a photo in front of the KEA building.

August 9, 2024

础颁贰笔鈥檚 Data and Cyberinfrastructure Management team members conducted a cybersecurity assessment and training in Kotzebue in July.

ACEP summer intern Joy Lomelino, mentored by John Haverlack, conducted a cybersecurity gap assessment for . A cybersecurity gap assessment is a tool to identify weaknesses and vulnerabilities within an organization鈥檚 cybersecurity infrastructure. Lomelino鈥檚 assessment consisted of a site tour and interviews with staff and third-party information technology contractors for KEA. With the information gathered during this gap assessment, KEA will be able to better understand risks associated with their utility鈥檚 computer systems and prioritize the next efforts needed to reduce their cyber risk exposure.

RJ Michael, another ACEP summer intern and Haverlack鈥檚 mentee, presented an introductory cybersecurity awareness training module for the entire KEA staff. The presentation was so well received that KEA general manager Tom Atkinson suggested they make this an annual training. During the training, staff learned about actions they can take to protect KEA from cyberattacks.

Haverlack and Solomon Himelbloom also wrapped up tasks from previous site visits. Himelbloom deployed a data diode in the ACEP KEA data acquisition system that DCM members Dayne Broderson, Will Fisher and Lisa Jacklin had previously installed. A data acquisition system includes measurement devices, sensors, a computer and data acquisition software. The system is used for acquiring, storing, visualizing and processing data. The ACEP KEA data acquisition system was installed to transmit data from Kotzebue to scientists at ACEP.

Solomon Himelbloom holds a data diode while working in 础颁贰笔鈥檚 lab.
Photo by Yuri Bult-Ito/ACEP
Solomon Himelbloom holds a data diode while working in 础颁贰笔鈥檚 lab.

A data diode is a unidirectional network communication device that enables the safe, one-way transfer of data between segmented networks. It eliminates external points of entry to the sending system, making it impossible for an insecure or hostile network to pass along malware or accidentally make harmful changes. A data diode deployed by Himelbloom will restrict data flow to a single direction, further reducing cyber risks to KEA鈥檚 systems.

With this capability, ACEP is establishing a more secure alternative data pathway for ACEP to collect data from remote sites, while adding almost no additional risk to remote networks.

This DCM work is supported through the program, an Office of Naval Research initiative.