
Energy & Utilities

Proud Member of Infragard

Presidential Directive HSPD-7 for Critical Infrastructure Identification, Prioritization, and Protection broadened the definition of infrastructure, in accordance with the Patriot Act, as the physical and virtual systems that are ‘so vital to the United States that the incapacity or destruction of such systems and assets would have a debilitating impact on security, national economic security, national public health or safety.’

We take for granted the systems and networks that make up the infrastructure of society, yet a disruption to just one of those systems can have dire consequences across other sectors: affecting gas distribution and electrical power generation, and shutting down computerized controls and communication networks, which in turn affects road traffic, air traffic and emergency services.

An entire region can become debilitated because some critical elements in the infrastructure become disabled through natural disaster.

The federal government has developed a standardized description of critical infrastructure, in order to facilitate monitoring and preparation for disabling events. The government requires private industry in each critical economic sector to:

  • Assess its vulnerabilities to both physical and cyber attacks;
  • Plan to eliminate significant vulnerabilities;
  • Develop systems to identify and prevent attempted attacks;
  • Alert, contain and rebuff attacks and then, with the assistance of the Federal Emergency Management Administration (FEMA), rebuild essential capabilities in the aftermath of an attack or attempted attack.

As a result, there is a tremendous emphasis on developing and testing disaster response and recovery plans in banking and finance, transportation, power, information and communications, and federal and municipal services. We are only as strong as our weakest link.

Power and utility companies have a plethora of directives impacting their business operations and particularly their IT governance, risk and compliance environment. Public organizations must comply with a number of additional regulations such as Sarbanes-Oxley, the Health Insurance Portability and Accountability Act (HIPAA), and various state regulations. In addition, the US Federal Energy Regulatory Commission (FERC) approved (Jan 2008) the following eight mandatory critical infrastructure protection (CIP) reliability standards:

  • Critical Cyber Asset Identification
  • Security Management Controls
  • Personnel and Training
  • Electronic Security Perimeters
  • Physical Security of Critical Cyber Assets
  • Systems Security Management
  • Incident Reporting and Response Planning
  • Recovery Plans for Critical Cyber Assets

Sword & Shield Services for Private and Public Utilities

We offer proven, practical services that balance compliance requirements with an effective program to prevent security threats.

Government Sector Solutions and Benefits of the Sword & Shield Approach

  • Risk & Compliance Shield: Risk & Compliance Shield™ uses a risk-based approach to categorize risks associated with the various applications and networks that store, process and transmit sensitive data by identifying the people, policies, processes and technology associated with business sensitive information.
  • Security Policy Development: Written Information Security Policy documents are a formal declaration of management’s intent to protect information, and are required for compliance with various security and privacy regulations.
  • Web Application Testing: Examines the subsystems, components, interactions and security mechanisms of the Web application and identifies Web security weaknesses.
  • Security Testing Services: Reduces risks that someone with the intent to do harm could bypass security controls and gain access to sensitive information. Provides verification of security controls and meets independent, third-party assessment requirements.
  • Social Engineering to Test Security Awareness Training: Performs Security Awareness Testing in an attempt to trick employees into divulging confidential information that may be used to compromise network defenses and critical systems.
  • Security Awareness Training: Performs security testing and provides a comprehensive report to detail vulnerabilities present and/or exploited and provides recommendations for improving security and reducing risk.
  • Incident Response: Provides rapid response when you suspect someone has compromised PII data on your systems.
  • Forensics Investigations: Reduces workload on the IT department from time-consuming electronic investigations and ensures that evidence is preserved and admissible in a court of law.
  • eDiscovery: Bridges the knowledge gap between IT and Agency legal department when producing electronic evidence and expert witness in litigation.
  • Secure Portable Workspace for the Mobile Worker or Student: Simply plug Check Point’s Abra stick into any Windows-based PC and enter your credentials to immediately turn any PC into a secure, virtual network.

 

 


  • About Sword & Shield

    Since 1997 Sword & Shield has been the trusted information security partner for 3000 clients in 50 states and 27 countries around the globe.
