Corporate Risk Solutions offers cyber and logical security services that are holistic programs deployed along a layers-in-depth philosophy.
Whether you are required to conduct an annual NERC CIP Cyber Vulnerability Assessment to meet compliance with the NERC CIP Reliability Standards (CIP-005, CIP-006, CIP-007) or are protecting the reliability of financial systems, medical information, intellectual property, personal identities or meeting critical regulations, enforceable, strong cyber security practices are a market requirement. Effective logical and cyber security programs, electronic security perimeters, log monitoring, password controls and hierarchical permissions are a must in today’s business environments.
Our focus is on meeting best-in-class standards to achieve a defined assurance level. Our cyber security consulting experts are experienced in providing multiple solutions and approaches to better ensure the reliability of your network.
A company’s information/ cyber security is just as important as its physical, personnel, and financial security. Without the proper protective and accountability measures in place, automated control and reporting systems will be the target for a myriad of hacks, viruses, denials of service, and other potentially crippling attacks. Further, critical information can be compromised and/or inadvertently released, posing a grave business threat to a company’s credit, market, and operational risk management efforts.
CRSI’s cyber security consulting team consists of highly skilled, certified information technology and cyber security professionals in supporting areas that include:
• Certified Ethical Hacker
• Certified SCADA Security Architect
• EC-Council Security Analyst
• System Security Certified Practitioner
• Certified in GIAC Security Essentials
• GIAC Certified Enterprise Defender
• GIAC Certified Forensic Analyst
• GIAC Certified Incident Handler
• GIAC Certified Penetration Tester
CRSI’s Cyber Security Consulting Services Include:
Cyber Security Penetration Testing
CRSI will evaluate the security of your organization’s computer system/network by simulating an attack from malicious outsiders and insiders. CRSI’s penetration testing will: determine the likelihood of a set of attackers; identify high-risk vulnerabilities; assess the magnitude of the cyber risk on business and operational impacts; test the ability of network defenders; provide evidence to support investments in security personnel and technology.
Cyber Security Vulnerability Assessment
CRSI provides a best-in-class approach that readily ensures compliance with Regulatory Standards. Our Cyber Vulnerability Assessment Methodology (OSSTMM 3.0) exceeds the criteria of the NERC CIP Standards as defined in CIP-005 R4, CIP-006 R2.2, and CIP-007 R8); meets the NIST SP800-53A and NIST SP 800-115 Standards; and meets the three-tiered approach (Interviewing, Documentation, and Technical Testing) as established in ISO 27001:2005. Click here to learn more.
Cyber Security Policy & Procedure Development
CRSI will develop and/or evaluate your current cyber security policy and procedure documents for regulatory compliance accuracy, actual business operations consistency, accuracy, effectiveness, and keeping in mind the end user.
Cyber Security Training & Awareness
CRSI will develop and implement a cyber security training program for appropriate personnel (i.e. plant managers, IT, operations, security, etc.) to increase their knowledge and general security best practices.