Open-Source Cybersecurity Tool to Enhance Grid Protection

A revolutionary new cybersecurity tool that can help protect the electric power grid has been released to the public on the code-hosting website GitHub. Developed by researchers at the U.S. Department of Energy’s (DOE) Idaho National Laboratory (INL), the Structured Threat Intelligence Graph (STIG) software allows utility owners and operators to easily visualize, share, create, and edit cyberthreat intelligence information. The ability to share threat intelligence is essential for protecting critical infrastructure like the electric power grid, water treatment facilities, oil refineries, and manufacturing plants from cyber exploits. Prior to the development of this software, threat information was too complex and cumbersome to share, limiting its application in operational environments. The new software standardizes collection via Structured Threat Information eXpression (STIX) and converts complex data on cybersecurity vulnerabilities into a visualization that is easy to understand and act on. With STIG, utility owners and operators have a common system for sharing threat intelligence information, thus increasing the chances of detecting and mitigating cyber exploits before they lead to a cyberattack.