Skip to content

Cybersecurity & Compliance

With cyberthreats growing by the day, companies in critical industries such as ours face the constant threat of interruption of essential services and the potential disruption in maintaining plant operational safety.

Securing the Industry to Keep Critical Infrastructure Running

PFES provides industry-leading Cybersecurity expertise and advisory services within the Industrial Control System (ICS) and Operational Technology (OT) environments.

This is possible because we have access to the industry’s best Subject Matter Experts with extensive ICS/OT credentials and experience. Our experts will implement cost-effective, comprehensive solutions that will minimize customer risk exposure to cybersecurity threats and regulatory fines without impacting operations.

Cost-effective, Reliable, Secure, and Compliant Solutions

Clients look to us because of our hands-on resources, insight, and a successful track record of providing data and regulatory compliance solutions for the North American energy sector.

Our team provides utilities with audit-proven, experienced regulatory professionals that have relationships with current regional auditors to provide feedback and ensure compliance. We keep sight of the project scope and cost from front-end planning through compliance implementation.

Our Industry-Best Certified Professionals Can Help with ICS/OT Security in these Areas:

NERC CIP and NRC compliance, validation, and oversight

ICS/OT operations, compliance, security tool testing, and implementation

ICS/OT secure design, configuration, testing, implementation, and project support

Establishment of sustainable cost-effective and compliant strategies

Supply chain risk management

Mock audit and audit preparation services for NERC CIP and NRC compliance

ICS/OT cyber vulnerability assessment and remediation (NERC CIP-010-3 R3)

Self-report preparation and mitigation services for NERC CIP and NRC

Incident response, disaster recovery, and business continuity planning and testing for ICS/OT (NERC CIP 008 & CIP 009)

Risk management frameworks and risk identification, documentation, and mitigation within ICS/OT

Governance and Regulatory Compliance (GRC) workflow implementation; automation of evidence collection and validation

Policy / procedure drafting and review capabilities

Physical security (CIP-006 and CIP-014) evaluation and assessment of customer facilities

Physical security plan drafting and implementation to keep people and environments safe

NERC CIP compliance and cybersecurity awareness training

ISO 27001 security assessments

Hydroelectric cybersecurity assessment (FERC security program for hydropower projects)