County-wide Utility Security Assessment

​

C2 Threat Solutions was retained to conduct an Enterprise-Wide Risk and Vulnerability Assessment for a County Utilities Board. This assessment involved reviewing all security policies, plans, procedures, and management protocols. The team conducted on-site inspections of various critical facilities, including the headquarters, maintenance facilities, pump stations, electrical substations, the water treatment plant, the wastewater treatment plant, operations facilities, natural gas pump stations, parking areas, and fleet parking areas.

 

During the assessment, the team evaluated access controls, physical barriers (such as fences, gates, doors, and windows), and credentialing processes for employees, contractors, and visitors. They identified compliance gaps with ASIS Protection of Assets, NERC CIP, ISO 27001, and Crime Prevention Through Environmental Design (CPTED) methodologies.

The analysis included personnel, vehicle, and material access; controlled-zone designation; key and lock management; identification and visitor systems; handling of prohibited items; and emergency procedures, including lockdowns and access for responders. A comprehensive gap analysis was performed on the performance and integration of various security systems, such as intrusion detection, physical access
control, video surveillance, physical security information management systems, and supporting communications infrastructure. Stakeholders from security, IT, Human Resources, and facilities were engaged throughout this process. 

 

The client received a detailed written report, which included a Multi-Asset Assessment Risk Analysis, a Comprehensive Access Control GAP Analysis, and an assessment of Physical Security Technology Systems. This report provided recommendations to enhance the county's security posture, improve security operations, and strengthen emergency management planning. 

​

City Water Pollution Control Plant Physical Security Risk Assessment

 

C2 Threat Solutions was retained to conduct a Physical Security Risk Assessment (PRSA) at a large Water Pollution Control Plant. The scope included a walk-through and review of critical infrastructure sites and physical barriers, physical entry and access control, security lighting, intrusion detection systems, video surveillance systems, security personnel, and security policies and procedures.  We conducted a lighting audit using a light meter with a certificate of calibration and standards traceable to the National Institute of Standards and Technology.  The client received a comprehensive written plan with recommended security measures to enhance the security posture and create a safe and secure environment for staff, visitors, and the surrounding community. 

 

County Utility Physical Security Study 

​

C2 Threat Solutions was retained to conduct a Physical Security Study of a utility company that provides electrical power to over 55,000 customers.  The project involved conducting a comprehensive physical security assessment of the infrastructure, physical security technology, organization, operations, and resourcing, as well as a review of current district policies and procedures. We utilized the DHS Interagency Security Committee (ISC) Risk Management Process (RMP) methodology on facilities and electronic security systems. We conducted a lighting audit of each facility using a light meter with a certificate of calibration and standards traceable to the National Institute of Standards and Technology.  We delivered a written report providing recommendations to strengthen the company's security posture, security operations, and emergency management planning. 

 

​

Risk and Resilience Assessment in Support of America’s Water Infrastructure Act of 2018

​

C2 Threat Solutions was retained to perform an EPA-Compliant Risk and Resiliency Assessment and Emergency Response for a utility company that provides water and wastewater services to over two million customers.  The team was comprised of specialists certified by the American Water Works Association (AWWA) in the America's Water Infrastructure Act of 2018.  The project included purposeful interviews of selected staff, identifying and conducting site assessments of critical operational facilities, vulnerability assessments of malevolent and natural hazards, including electronic security systems, access controls, perimeter security, security guard forces, a document review of security policies and procedures, workshops, and security culture using the AWWA J-100 Risk, Resilience, and CPTED Methodologies.  Additionally, we conducted a lighting audit on each assessed facility using a light meter with a certificate of calibration that is traceable to the National Institute of Standards and Technology. We delivered a written report outlining physical security performance specifications that can be utilized during new construction and the updating of existing facility measures. All identified physical and procedural standards were based on industry-accepted best practices and published standards.