Cyber professionals have spent countless hours reinforcing the systems of myriad industries. Now, some of them are reciprocating, as integrating geographic information systems (GIS) with enterprise IT/OT systems becomes more common. By mapping location-based data against utility infrastructure, these platforms allow teams to analyze real-time variables and harden strategic decision-making.
GIS tools add another layer of defense, encouraging more collaboration with an Environmental Systems Research Institute (Esri) implementation partner. Leaders in the industry are leveraging these connections to deliver tangible, adaptive results in a ruthless cyber landscape.
Modernizing for a resilient future
Citizens Energy Group provides utilities to 900,000 people in Indianapolis and beyond, making a breach a notable disruption to society. It wanted to upgrade GIS software to embrace analytics and modern functionalities because its legacy infrastructure was making its data and business assets vulnerable.
System integration and IT/OT connectivity were crucial because the installations would also enable future scaling, allowing the provider to be more compliant and intentional with its data-driven applications. It partnered with TRC, an Esri implementation partner, to use the Esri ArcGIS Utility Network. Patrick Lunn from TRC noted adoption would support Citizens’ goals, saying, “The Utility Network enables improved data quality by enforcing good editing habits and preventing common data errors through built-in topology rules.”
It also enhanced cyber resilience by consolidating disparate assets into a single, trusted space, thereby bypassing the need for custom solutions. ArcGIS made data and asset management clearer, which was essential for increasing geospatial awareness in emergencies. If an outage occurred, professionals could finally view the affected area and predicted effects with advanced analytics. Teams can prevent threats from spreading to more constituents because the data is usable, up-to-date, and actionable.
Proactive, global threat management
Lockheed Martin, a leader in aerospace and defense, has been praised for its proactivity and responsiveness to emergencies. This is because of its early decision to implement Esri’s ArcGIS, which manifested in its signature Global Emergency Operations Center (GEOC). With an enterprise of over 120,000 employees worldwide, it needed to standardize safety monitoring globally. With this kind of footprint, the diversity and frequency of cyberthreats are astronomical.
The technology uses maps and real-time data to show employees the state of the world. It can create accurate depictions of a hurricane in the U.S., a train incident in the Netherlands and more, suggesting suspected impacts to clientele, the data and employee safety. It also delivers emergency notifications from authorities and connects to intelligence feeds.
The GEOC’s partnership with Lockheed Martin is vital for protecting its assets through features such as proximity-based analyses and physical security risk management. Organizations like Lockheed Martin would not have global oversight of their cybersecurity without leveraging the unique metrics GIS prioritizes.
Breaking down silos to mitigate threats
Duke Energy was another provider seeking solutions for its GIS infrastructure, but in a different form. The expanding organization discovered that information was becoming isolated and siloed. Departments contained data that would be helpful to the whole, but it was locked in disparate systems. This makes incident response, detection and risk assessments more complex, as cybersecurity strategies are more challenging to standardize and implement.
The company looked inward to find a way to improve. Its GIS team partnered with the physical security team and intelligence analysts to design a more resilient digital infrastructure. Together, they designed the Threat Awareness Portal, which connected IT and OT data streams. The platform created a singular picture of the cybersecurity posture of Duke Energy, leveraging crime data, location-tagged incidents, and more. It also considered weather data and how this impacts stability.
For the first time, Duke Energy was able to manage its operations across seven states. It even used an AI-powered tool with its GIS integrations to scan social media channels for emerging threats. Lead intelligence analyst, Forrest Kelley, said, “We’ve got such a large footprint with thousands of assets that vary in criticality… Getting plugged into GIS and getting the [map] layers that have our generation, transmission, distribution assets, and all of our gas assets has been huge for us.”
Cyber resilience is about preemptive action, and the transparency and visibility the portal provided can allow Duke Energy to think about expanding its consumer base further without jeopardizing who they already serve. This includes its staff, who use real-time information to operate more efficiently and safely in the field.
FAQs About Integrating GIS With Enterprise IT/OT Systems
As more organizations partner with Esri and GIS to enhance cybersecurity, more questions arise.
Is GIS under threat of AI?
While many question whether conventional GIS practices will become obsolete due to AI, these case studies show that the opposite will occur. Cybersecurity and GIS experts alike will use AI capabilities to enhance GIS tools, helping professionals visualize more information efficiently and safely. AI will augment the abilities of GIS equipment and software.
What is the future of GIS technology?
GIS will grow because of expanded integrations. Innovations like AI are only one aspect. Sensor-based technologies are another, making GIS tools better data-collection resources and forecasting tools. These will empower the cybersecurity field to get clearer visuals of the physical effects of cyberattacks, improving triage and prevention.
How is GIS used in cybersecurity?
Industry experts will continue to expand GIS tools’ capabilities for safeguarding digital and physical spaces. Currently, it is about using analyses of geographic information to understand the sources and pathways that threat actors take, especially when threatening critical infrastructure. This is why more businesses are seeking system integration and IT/OT connectivity.
Geospatial Intelligence as a Core Security Layer
GIS helps cybersecurity analysts handle more than the physical aspect of cybersecurity. Many organizations are implementing it into their resilience strategies because the insights and visualizations from GIS software are invaluable for risk assessments, threat prevention, and source discovery. Eventually, these fields will be inextricably linked as the drive to connect with an Esri implementation partner becomes an even greater staple of corporate stability.
Emily Newton is a seasoned freelance writer and Editor-in-Chief of Revolutionized Magazine, specializing in digital technologies disrupting industry. She has a passion for exploring how IoT is revolutionizing the industrial and tech sectors. You might have seen her work in publications like TripWire, IoT For All, and Embedded. When she's not writing, Emily enjoys playing chill video games and stargazing.
The opinions expressed in this post belong to the individual contributors and do not necessarily reflect the views of Information Security Buzz.