MG Strategy+ Industrial Control Systems Group

MG Strategy+ provides multidisciplinary engineering, procurement, planning, consulting, management and technology solutions for a broad range of critical integrated systems and critical infrastructure solutions and sectors. The MG Strategy+ Industrial Control Systems Group has specific focus, capability and expertise as follows:

MGS+ ICS Security Alerts Analysis Intelligence - Industrial Cyber Security

  • Computer Emergency Report, Readiness and Incident Responses.
  • Monitoring and responding to major incidents, analyzing threats, and exchanging critical cyber security information with trusted partners.
  • Advisories – Advisories provide timely information about current security issues, vulnerabilities, and exploits .
  • Alerts – notification to critical infrastructure owners and operators concerning threats or activity with the potential to impact critical infrastructure computing networks.
  • Reports – White Papers, Technical Information Papers and Awareness Reports
  • Industrial Control Systems Security Alerts Analysis Intelligence Data Service
Client Login Here

MGS+ ICS Security Assessments

  • Vulnerability Assessments
  • Industrial Control Systems Assessments
  • Application Security Assessments and Source Code Security Review
  • Risk Assessments
  • Device Security Evaluations
  • Advanced Protocol Security Analysis
  • Wireless Security Assessments
  • Voice over IP (VoIP) Security Assessments
  • Physical Security Assessments
  • Social Engineering and Security Awareness Exercises
  • Enterprise Security Assessment

MGS+ ICS Security Governance and Procedures Development: NERC CIP Compliance Consulting

NERC CIP services including but not limited to the following:

  • Critical Cyber Asset Inventory validation (CIPv3)
  • CIP-002-3 Risk-Based Assessment Methodology validation (CIPv3)
  • BES Cyber Asset Inventory Validation (version 5 and beyond)
  • BES Cyber System Identification Workshops (version 5 and beyond)
  • Mock Audits
  • NERC CIP-008 and CIP-009 facilitated exercises (i.e. CIP-008 Tabletop)
  • Cyber Vulnerability Assessments (CIPv3)
  • Vulnerability Assessment both Active & Passive (CIPv5 & beyond)

 

MGS+ ICS Security Governance and Procedures Development: HIPAA Compliance Consulting

HIPAA Compliance Consulting including but not limited to the following:

  • HIPAA Security Remediation Services
  • Managed Compliance Services
  • PCI Compliance Review Services
  • HIPAA Privacy and Breach Notification Assessment Services
  • Customized Policies and Procedures
  • HIPAA Security Assessment Services
  • Data Breach Prevention
  • Security Incident Investigation & Management
  • Audit Preparation
  • HIPAA Risk Management

MGS+ ICS Cyber Security Vulnerabilities Oversight, Procedures and Audit

We develop cyber security programs to develop better client understanding of industrial control systems (ICS) vulnerabilities and identify the key steps and programs they to protect their ICS; includes structure of typical policies and procedures that should be in place at ICS sensitive and critical facilities.

MGS+ ICS Cyber Security Vulnerabilities Oversight and Audit- Typical Policies and Procedures
Delegation of Manager Authority from Executive Level
System Security Management Plan
Security Incident Response and Recovery Plan
Vulnerability Assessment Plan
Electronic Security Perimeter (ESP) Procedure
Change Management Procedure
Device List Procedure – identify and classify cyber assets
Declaring and Responding to an Exceptional Circumstance Procedure
Access controls for information protection
Acceptable use Policy
Training and Personnel Policy

MGS+ ICS Cyber Security Vulnerabilities Oversight and Audit – Related Policies and Procedures Development
ICS cyber security Advisory related:
Risk Management as it relates to the cyber-security measures implemented at various facilities
Overall ICS design that meets the business needs of the organization, but has designed security in the architecture
Policy and compliance issues varied for public institutions, private corporations and the type of industry being reviewing

MGS+ ICS Cyber Security Vulnerabilities Oversight and Audit – Additional Service Deliverables / Guidelines
Inform and make more capable, the client’s Office to understand, assess, measure and evaluate industrial control systems (ICS) cybersecurity needs, demands and actions, as it related to investments in IT
Empower the client’s Office with stronger Oversight, Risk Definitions and Governance Structures to manage industrial control systems (ICS) vulnerabilities and to strengthen Financial Audit, Performance Audit and Governance & Accountability.
Integrate into the client’s Office Information Technology Capability and Self-Assessment
Broaden the client’s Office for Oversight of IT Investments

Client Login Here