Remediation of Vulnerabilities
At the conclusion of any Cyber Vulnerability Assessment, issues are usually discovered which, if left unresolved, may result in adverse effects on the Bulk Electric System (BES). These issues may range from mis-configured ports and services to non-hashed dictionary-based passwords which are over three (3) years old. Regardless, these issues or vulnerabilities will continue to pose a threat, possibly significant, which threaten the reliability of the BES.
Remediation of vulnerabilities may require tens to hundreds of hours of research and remediation actions. In order to perform these tasks in the most time/cost effective manner without affecting the reliability of the BES, the tasks must be coordinated with operations and planned appropriately. This may require more resources than an entity can afford to allocate due to other operational necessities.Read More
All CRSI personnel have at a minimum received project management training, and routinely practice this by functioning as project coordinators or project managers on CRSI projects. This instills all team members with a strong sense of the importance of the triple constraints (i.e., time, budget, and scope) of project management. Based on our experience within the energy sector, CRSI teams are already aware of the difficulties in making changes to Industrial Control Systems and supporting networking gear.
CRSI is frequently contracted by clients to manage the mitigation of compliance actions and remediation plans. Through the utilization of CRSI’s well-trained team, the burden of project planning and execution management is relieved.
CRSI strategically partnered with more than 250 electric utilities in the last five (5) years for their NERC CIP Compliance Solutions. To find out more about how to create your Security Compliance Roadmap, call us today to schedule a free, no obligation consultation.