Natural Resources and Energy

Challenges you are facing

Cybersecurity: a serious and ongoing challenge

 

Today’s highly reliable and flexible energy infrastructure depends on the ability of energy delivery systems to provide timely and accurate information to system operators and automated control over a large, dispersed network of assets and components.

 

This vast and distributed control requires communication among millions of nodes and devices across multiple domains, exposing energy systems and other dependent infrastructures to potential harm from accidental and malicious cyberattacks.

 

Cybersecurity is a serious and ongoing challenge for the energy sector, law enforcement and governments. Cyberthreats to energy delivery systems can affect national security, public safety, and the national economy. Because the private sector owns and operates most of the energy sector’s critical assets and infrastructure, whereas governments are responsible for national security, securing energy delivery systems against cyberthreats is a shared responsibility of both the public and private sectors.

 

Compliance and regulations to the rank of major concerns

 

The challenge unquestionably lies in the management of the evolving regulatory structures in different jurisdictions, the organizations’ ability to anticipate changes in regulation and the ability to communicate the impacts to stakeholders.

 

A recent survey released by Ernst & Young* indicates that compliance and regulations are among the main concerns of companies from the energy and natural resources sectors.

 

The energy industry being required to comply with the security standards for the protection of the critical infrastructure of the North American Electric Reliability Corporation (NERC CIP) is a significant challenge.

Discovering your opportunities

Protect your critical infrastructures

 

For over 6 years BCI has developed a unique expertise in IT infrastructure security and more specifically in the natural resources industry and energy sector. BCI worked to secure information assets and help achieve compliance for customers in the United States and Canada in addition to acting as the subject matter expert for NERC-CIP compliance for North America’s largest hydroelectric generator/distributor.

 

Our expertise includes:

 

  • Security policy development;
  • Security organization;
  • Classification of resources;
  • Human resources security;
  • Physical security;
  • Physical and logical access controls;
  • Continuity of business operations;
  • Regulatory compliance services.

 

The results of our analyses are scrupulously documented in a comprehensive report that includes an assessment of each component of the security platform.

 

Our goal is to contribute to improving the compliance posture of your electronic assets subject to NERC-CIP (v3 or v5) and contribute to its long-term maintenance. You will end up with a high-level view of your current operations relative to the NERC-CIP Cybersecurity standard and with recommendations on areas that need to be addressed in order to bring your operations more into alignment with the NERC-CIP standards.