Protecting national critical infrastructure like the national electrical grid is a priority for utilities, energy providers and government agencies. The North American Electric Reliability Corporation (NERC) maintains cybersecurity standards for Critical Infrastructure Protection (CIP). NERC Standards CIP-002-3 through CIP-009-3 provide a cybersecurity framework to identify and protect critical cyberassets of the bulk electric system. Perceived and real threats from hackers and cyberterrorists, legislative mandates with the promise of penalties for non-compliance, and the opportunity to upgrade network infrastructure are all driving compliance with NERC CIP.
Meeting compliance with NERC CIP is a governance, administration and technical challenge. NERC CIP compliance efforts are optimized when combined with automation and control updates to infrastructure, to meet compliance as well as smart grid, dispatch and responsive utility objectives.
Security consulting services can assist organizations with NERC CIP compliance and the protection of critical cyberassets.
Our services help energy and utility organizations with:
- NERC CIP risk assessments performed by experienced, certified professionals experienced in dealing with new and legacy industrial control environments; prioritized and actionable recommendations; peer benchmarking.
- Experienced, certified security professionals, security program, policy,and procedures design, services, tools and process implementation.
- NERC CIP compliant log monitoring, log management, vulnerability management and security device management.
- Standard and customizable reporting, secure evidence repository for all NERC CIP compliance related assessments.
- A track record of delivering managed and security consulting services that meet NERC CIP requirements
- Proven services and security consulting services
- Staff deeply embedded in the utility industry with decades of combined experience