Securing the sheer volume of connected physical assets and networks across wide geographies is a complex undertaking requiring unique understanding of the systems’ interdependencies and vulnerabilities to align and work together.
We recognize that critical infrastructure development requires critical infrastructure protection. That’s why we offer our clients a Security Risk Framework to unify siloed security efforts into a cohesive framework. Our Security Risk Framework recognizes that sound cybersecurity is not possible without effective physical security. In turn, physical and cybersecurity programs cannot be effective without well-documented and communicated policies and procedures to reduce or eliminate human error, neglect or intentional acts.
Security Risk Framework
Clients that implement the comprehensive Security Risk Framework reduce their vulnerabilities, maximize budget effectiveness, minimize the consequences of a breach, and enhance response and recovery. The framework provides for continuous improvement, enabling clients to meet and maintain compliance with evolving regulatory requirements (e.g., NERC-CIP, NIST, AWWA and TSA).
Only Black & Veatch combines more than 100 years of physical infrastructure security design and construction capability with recognized subject matter expertise in utility cybersecurity, program development and implementation.
Specific capabilities include:
- Strategy development and implementation.
- Organizational maturity assessment or remediation, including NERC-CIP audit preparation.
- Program Management Office.
- Application Security Architecture Planning.
- Policy and Procedure Development, Education and Training.
- Physical and cybersecurity solution implementation and integration, including asset and network security design and construction.
- Penetration testing.