Protecting SCADA, Industrial Control Systems (ICS) & Building Automation (BA)
Are Your ICS/BA/SCADA Systems Ready for the Risk Management Framework (RMF)?
RMF is the replacement for DIACAP. All systems currently not certified under DIACAP must be certified under RMF. Current DIACAP certified systems have to meet RMF compliance for re-certification. Are you and your organizations ready?Are your systems ready?
- Electronic Security Systems: perimeter security, badge access, CCTV/Video, etc.
- Building Automation Systems: HVAC, Lighting, Chillers/Boilers, etc.
- SCADA: water treatment, power grid, etc.
- Utility Monitoring and Control Systems
- Programmable Logic Controllers (PLC)
- FIPS 199, NIST 800-37, NIST 800-60, CNSSI No.1253 and others
Our Security Professionals Can Help.
Our certified security professionals have multiple years of experience helping organizations implement NIST/DIACAP requirements. We can quickly navigate through the NIST controls and develop a cost-effective implementation plan that builds on your current security posture – saving you time, freeing your critical resources up to do their job and saving you money.
Our Services Include:
- Preparation for passing the appropriate Government Certification and Accreditation (C&A) to obtain an Authority to Operate (ATO) and Authority to Connect (ATC)
- Recommendation of controls based on Mission, Data Sensitivity and the Impact of loss or exposure
- Secure Testing and Evaluation (ST&E) Audits
- Document the security control processes (management, technical and operational), in DR/COOP (Disaster Recovery/Continuity of Operations Plan), Security Functional Architecture, Secure Configuration Guide, Configuration Control Plans and System Security Plans
- Define custom Threat models and provide Vulnerability Risk Assessments specific to your systems, environment and processes
- Develop, implement, test and monitor risk mitigation management procedures
- Coordinate multi-organizational stakeholders on policies, procedures, buy-in, training, preparation, secure deployment and on-going operations
- Secure Systems Engineering: Assess & report on your entire system of systems including controls, proposed products, protocols, configurations, known vulnerabilities, encryption methods and Security Architecture Designs
- Software Assurance Code Analysis and Penetration Testing