Schedule a Consultation

Security and Preparedness

divider icon
Home
Our Services
Security and Preparedness

Proven Procedures

Boost operational resilience with expert services that reinforce utility preparedness, physical security, and response to emerging threats.

Real-World Scenario Testing
Stronger Incident Response
Improved Employee Awareness
Resilient Recovery Plans
Ransomware Readiness
Vendor Risk Protection

Security and Preparedness Services

Cyber Security Incident Response Plan Testing – Securing the Grid (STG)

Securing the Grid (STG) is a tabletop physical and cyber security evaluation exercise we created to test entities’ incident response readiness. Each scenario is customized to the participants’ facility and assets, bringing the experience to life. We offer STG exercises in virtual and in person onsite formats to best fit the needs of the entity and the time they have allocated. Each STG includes Cyber and Physical security incident scenarios and comes with an After-Action Report that details the incident scenarios, the client responses, best practices, and Utility Services observations specific to the entity’s responses and conclusions.

Security Awareness and Training

95% of all hacks and data breaches are caused by human error. Training includes educational, awareness-based content as well as skill development to help employees understand the threats they face and take the right action to prevent security incidents.

Recovery Plan Testing

The objective of testing a recovery plan is to understand the shortcomings within the plan and it is possible to find quick solutions before they deteriorate and disrupt the ability to re-establish key business operations. This exercise allows for an organization’s disaster recovery plan so that they can be well-equipped to cope with any incident that may impinge on critical business processes.

Ransomware Plan Testing

Testing a Ransomware Plan tests an organization’s preparedness for an attack and this tabletop simulation of real-life scenarios provides a safe environment to practice and explore potential responses to a ransomware cyberattack and see if an organization’s Ransomware Policy requires updating. Testing this plan before an attack is a major part of surviving a ransomware infection.

Business Continuity Plan Testing

Business continuity plan (BCP) testing is a method of analyzing how prepared your employees are in an emergency. In this tabletop risk-to-reality exercise, employees and disaster recovery teams will work together to find a solution and recover lost data, personnel issues, communications technologies, or damaged property.

Disaster Response Plan Testing

Specific Tabletop Exercise(s) used to evaluate a disaster recovery plan should vary based on business needs, risk tolerance, and the specifics of the Disaster Recovery Plan. In this tabletop risk-to-reality exercise, employees and disaster recovery teams will work together to find a solution and recover lost data, personnel issues, communications technologies, or damaged property.

Vendor Security Risk Assessment

Utility Services evaluates how an organization manages third-party vendor risks prior to, during, and after the contractual stage associated with outsourcing normal business operations. This assessment determines whether a vendor has implemented the necessary controls and defensive measures that would effectively mitigate any potential impact on our client’s operations.

Frequently Asked Questions

divider icon
Absolutely. Cyberattacks, both in general and ones specifically targeting critical infrastructure, have increased dramatically in recent years. Furthermore, there have been several high-profile examples of small utilities being specifically targeted because attackers know they often have fewer resources dedicated to cybersecurity, yet they still provide essential services to communities. It’s essential for all utilities to take the threat of cyberattacks seriously and prepare accordingly.
Testing a procedure document is essential to ensure preparedness for all parties who would be involved in a real world incident. No matter how good your plans are on paper, a test of those plans will improve team communication and surface possible areas of improvement so any challenges are addressed before a potential crisis.
Each testing service addresses a specific type of threat or disruption: • Incident Response Testing focuses on immediate reaction to active security breaches. • Recovery Plan Testing evaluates your ability to restore operations after any disruption. • Ransomware Testing specifically prepares for extortion-based attacks that lock your systems. • Business Continuity Testing ensures critical operations can continue during disruptions. • Disaster Response Testing prepares for physical disasters like storms or equipment failures. Many utilities benefit from testing multiple plans since real-world incidents often trigger multiple response protocols simultaneously.
A picture of Maureen at a generator facility
AN image of cooling towers
“We truly appreciate the assistance and guidance that Utility Services provided us as we navigated through the NERC standards and the NPCC requirements.”
General Manager
Rhode Island Public Power Utility
“We truly appreciate the assistance and guidance that Utility Services provided us as we navigated through the NERC standards and the NPCC requirements.”
General Manager
Rhode Island Public Power Utility
“We truly appreciate the assistance and guidance that Utility Services provided us as we navigated through the NERC standards and the NPCC requirements.”
General Manager
Rhode Island Public Power Utility
Stay Compliant and Confident.

Talk with an Expert Today.

divider icon
Contact Us
Schedule a Consultation

We use cookies to improve your experience and analyze traffic on our website. By clicking “Accept” you consent to our use of cookies and tracking. Read our Cookie Policy to learn more.

Ok, I Accept
Cookie Policy