Cybersecurity for Facility Related Control Systems

Subject Matter Expert support in fulfilling Cybersecurity Requirements for U.S. DoD and USACE/NAVFAC projects.

Cybersecurity for Facility Related Control Systems

Subject Matter Expert support in fulfilling Cybersecurity Requirements for U.S. DoD and USACE/ NAVFAC projects.

Challenges

Projects procured by USACE/NAVFAC in Europe NATO member countries are subject to Cybersecurity (also defined as Information Assurance) requirements for Building Management Systems (also defined as Facility-Related Control Systems). Fulfillment of those requirements requires both, understanding of the cybersecurity Risk Management Process and knowledge about building systems technology.

How can we help?

The scope of our engagement includes providing support to the General Contractor in meeting Information Assurance requirements as required by the Risk Management Framework (RMF) processes described in the DoDI 8500.01, DoDI 8510.01 and UFC 1-410-06 set of standards and norms.
We provide DoD-required experts with proven experience and certification as described in DoD 8570.01-M.

We offer:

Vulnerability scans: Conduct security vulnerabilities scan, using the required tools.

Cybersecurity documentation preparation: Completion of required documentation in accordance with IA requirements. Subcontractor support in fulfillment of the required contract submittals.

Control mechanism implementation: Implementation of control mechanisms in form of configuration of hardware/software, contained in documents referred to as STIG (Security and Technical Implementation Guide).

Cybersecurity architecture analysis: Verification if the equipment and software used to implement the cybersecurity controls meets the Specification requirements. Analysis of the availability and configuration of control mechanisms implemented in devices.

General contractor support: Ongoing support and control over the progress of contractors’ work regarding cybersecurity scope. Prepare and enforce the work schedule. Provide SME for discussions with the contracting authority.

Cybersecurity gap mitigation: Preparation of detailed plan for mitigation of the vulnerabilities discovered during the scans and audits.

Benefits

Accurate guidance and support throughout cybersecurity requirements fulfillment process.

Ongoing support and control over the progress of contractors’ work allowing timely completion of tasks.

Minimizing additional system implementation costs through tailored requirements analysis and ongoing support.

Help to meet the specific documentation and procedural requirements set by the Risk Management Framework, ensuring adherence to industry regulations and improving overall security and compliance.

Actionable recommendations to address the identified gaps and guide General Contractor and subcontractors in meeting the provided requirements.

Providing technical expertise in developing and implementing appropriate, pragmatic ways to implement IA requirements.

Contact us - we will prepare an offer