Project Description & Scope of Work
Description
Conduct site survey and conduct a Cyber Security Assessment of the Operational Technologies (OT) and Information Technologies (IT) Interfaces including risks, proposed technical solutions and recommendations.
Scope
Assessment of OT IT Interfaces including Risks and Technical Mitigations.
- Site Security Health Check included the following Tasks:
- Security Gap Analysis - Targeted
- Architectural Review - Scaled
- Findings Report - Scaled
- Information Gathering
- Interviews & Onsite Inspection - Analyst 1 day at site
- Risk Assessment - Scaled
- Risk Mitigation Recommendations - High level general direction
- Actionable Cyber Security Report Including:
- Executive summary
- Assessment methodology overview
- Risk criteria and threat model
- Risk assessment
- Prioritised recommendations and mitigations
- Result Presentation Including:
- Overview of the process and the results for management
- High-level summary of the full report including identified weaknesses and recommended mitigations
- NIST.SP.800-82r2
- CIP-002-3 Critical Cyber Asset Identification
- CIP-003-3 Security Management Controls
- CIP0073a Systems Security Management
- CPNI - GPG - 00 Firewall Deployment for SCADA and Process Control Networks
- CPNI - GPG - 00 Process Control and SCADA Security General Guidance
- CPNI - GPG - 02 Implement Secure Architecture
- CPNI - GPG - 05 Manage Third Party Risk
Project Details
Contract No. | C232 |
---|---|
Industry | Water |
Client | DIAM |
Consultant or EPC | Public Authority for Water DIAM |
Country | Oman |
Primary Service | Cyber Security Consultancy |
Secondary Service | None |
Start Date | Mar 2017 |
Person Hours | 220 |
Status | Completed |