Services

Advisory Services/Consulting

Advisory and consulting services are provided over a range of topics designed to assist organizations in enhancing security and making risk-informed decisions. Considerations in implementing security, including cyber security, include a range of factors such as organizational behaviors, legal and regulatory requirements, and the operational environment of the systems themselves. CSSC has expertise in providing guidance for critical infrastructure in the energy and nuclear areas. This expertise includes development of international guidance and policy, the interface of information and operational technologies, and the safety-security interface.

Assurance Activities/Assessment

Assurance activities provide a level of confidence in the security measures and processes that an organization has in place. CSSC can conduct, or assist in conducting, assessments and security exercises focused on organizational policy and process.

Human Resource Development/Training

Human resource development is a key element of sustainable security within any organization. Research studies regularly show that human error is a main contributor to a security event or that human actions negatively impact a security response. Staff can be the biggest asset or the weakest link in protection of critical systems. CSSC can provide training to fit your organization’s needs. Offerings range basis awareness development for executive management, policy makers, and decision makers to more technical training for security control implementation and evaluation. Additionally, CSSC can help organizations establish an internal training program.

Advising/Consulting Areas

Information Assurance/Cyber Security)

  • Cyber risk informed decision making
  • Cyber-Physical Attack Protection
  • Design Basis Threat (DBT) development and evaluation
  • Executive risk awareness development
  • Industrial Control Systems Security
  • Insider threat identification and mitigation
  • Interdependency identification and impact analysis
  • Physical Protection Systems (PPS) Security
  • Policy/Program development
  • Regulation development and assessment
  • Security culture development and evaluation

Consulting By Industry

  • Government
  • Energy (Nuclear, Fossil, Renewables)
  • Critical Infrastructure