Sheffield Scientific has developed significant NIST and ISO-based cyber security experience working with US Federal Government agencies and utility (electric, water & nuclear) industry sectors. Our staff is experienced with a variety of IT and OT systems used by utilities that can perform cyber security assessments, plant assessment & walk-down activities and program implementation.
Sheffield Scientific has four major security solutions as-a-service that improve each stage of the cyber security lifecycle. These include:
- Develop Program which focuses on security program management that is a discipline of designing, implementing and maturing security practices to protect critical business processes and OT / IT assets enterprise wide.
- Audit & Remediate which is in support of compliance which is the process of ensuring adherence to policies, which may be derived from internal directives, procedures and requirements, or from external laws, regulations (DHS, NERC, and NRC), standards (NEI, NIST, AWWA and ISO) and negotiated agreements.
- Improved & Automate is support of the security lifecycle from a physical and cyber perspective requires a culture of continuous improvement. Today’s business environment with constrained resources involves the use of process improvement and supporting technologies to automate business functions. We also provide preferred implementation services for cmplid://, a leading security management automation tool supporting multiple vertical utility sectors.
- Security Oversight that monitors security regulations and standards as they continuously evolve and acknowledges that control sets and technologies may undergo revisions, changes or become obsolete to effect customer business processes. Sheffield keeps current with evolving regulations (DHS, NERC, and NRC), standards (NEI, NIST, and ISO) and negotiated agreements to work with customers on adapting these rules into their business to minimize business disruptions.