We have extensive experience in the Electric Power industry, and have performed many assessments of generation plants, transmission control centers, distribution control centers, AMR/AMI deployments, and Smart Grid Infrastructures. We started performing assessments of electric power SCADA, DCS, and EMS systems in 2001, and we have been UTC (Utility Telecom Council) members since 2005. Our team members have seen the evolution of the NERC CIP standards from the early Urgent Action 1200 documentation all the way through the current regulatory requirements.
We have developed our own tools, techniques, and software that allow us to quickly gather Cyber Vulnerability Assessment (CVA) information when we are onsite at these facilities. We have also developed analysis tools that allow us to quickly convert that information into actionable recommendations and findings. We can now perform a NERC CIP CVA in less than 4 weeks. We also have NERC CIP Vulnerability Assessment Report templates that have stood the test of several audit rounds. We are a trusted resource in the utility industry for cyber security training, consulting, assessments, and compliance consulting.