In addition to dealing with the same types of external and internal IT security concerns that face many other types of businesses, power companies like Tri-State are also facing a rash of break-ins at remote substation facilities; as prices for copper metal have soared, so have the number of criminals attempting to make off with the valuable copper wire.

The need for systems that can help the company monitor effectively for physical security events, in addition to IT-based threats such as denial-of-service attacks, has created the need for systems that haven't necessarily existed in the past, the executive said.

Many infrastructure businesses are leery to even speak of the security makeover they're currently undergoing.

"The biggest challenge as an end user today is that almost all process control systems have gone Ethernet over the last five years," said an executive at a large North American chemicals company who requested anonymity. "The intent of these systems is to connect operations to the outside world so they can be controlled and monitored remotely, which is a great idea, but it's also a bad idea because now someone can hack you and potentially take these system offline."

To address their problems, both Tri-State and the unnamed chemicals firm have turned to Verano, a Mansfield, Mass.-based technology vendor specializing in securing Supervisory Control and Data Acquisition (SCADA) systems -- the large-scale, distributed measurement and control technologies which serve as the operational backbone of many large infrastructure businesses.

In addition to the heightened need to defend SCADA systems as companies add more IP technologies into their facilities, Verano officials said that many infrastructure companies are simultaneously dealing with the loss of older engineers who had been responsible for building and maintaining internal applications.

A combination of looming security regulation by the government and the departure of their most knowledgeable workers are putting utilities and other companies under increasing pressure, said Brian Ahern, Verano's founder and chief executive.

"These businesses are worried about external threats, insider attacks, potential regulation from the government, and a loss of their most important expertise," Ahern said. "The incidents you see in the field are often shocking in terms of what is out there right now unprotected, especially when you consider that the impact of even a minor incident could cripple national infrastructure."

A prime example of the type of domino effect that a seemingly small infrastructure mishap can have was the August 2003 blackout that left New York City and a large swath of the Northeastern United States without power, Ahern said. Investigators determined that the entire problem -- which plunged an estimated 40 million people into the dark -- was caused by overgrown tree limbs that interfered with power lines in Ohio.

Verano markets a package of tools under the banner of Industrial Defender that promises integrated security and performance management for mission-critical control systems. Among the products, sold individually or as part of the suite, are a perimeter security appliance, network sensor devices, software and security sensors, as well as a security event management (SEM) console.