County-wide Utility Security Assessment

​

C2 Threat Solutions was retained to conduct an Enterprise-Wide Risk and Vulnerability Assessment for a County Utilities Board, consisting of reviewing all security policies, plans, procedures, and managementprotocols while conducting on-site inspections of critical facilities, including headquarters, maintenance facility, pump stations, electrical substations, the water treatment plant, the wastewater treatment plant, operations facilities, natural gas pump stations, parking areas and fleet parking areas. The team evaluated access controls, physical barriers (fences, gates, doors, and windows), and credentialing processes for employees, contractors, and visitors, identifying gaps in compliance with ASIS Protection of Assets, NERC CIP, ISO 27001, and CPTED
methodologies.

We analyzed personnel, vehicle, and material access; controlled-zone designation; key and lock management; identification and visitor systems; prohibited-item handling; and emergency procedures, including lockdowns and responder access. Finally, we assessed the performance and integration of intrusion detection, physical access
control, video surveillance, physical security information management systems, and supporting communications infrastructure were reviewed comprehensively through a detailed gap analysis, engaging stakeholders from security, IT, Human Resources, and facilities.

 

The client received a written report, including a Multi-Asset Assessment Risk Analysis, a Comprehensive Access Control GAP Analysis, and a Physical Security Technology Systems Assessment, which provided recommendations to strengthen the county's security posture, security operations, and emergency management planning. 

 

City Water Pollution Control Plant Physical Security Risk Assessment

 

C2 Threat Solutions was retained to conduct a Physical Security Risk Assessment (PRSA) at a large Water Pollution Control Plant. The scope included a walk-through and review of critical infrastructure sites and physical barriers, physical entry and access control, security lighting, intrusion detection systems, video surveillance systems, security personnel, and security policies and procedures.  We conducted a lighting audit using a light meter with a certificate of calibration and standards traceable to the National Institute of Standards and Technology.  The client received a comprehensive written plan with recommended security measures to enhance the security posture and create a safe and secure environment for staff, visitors, and the surrounding community. 

 

County Utility Physical Security Study 

​

C2 Threat Solutions was retained to conduct a Physical Security Study of a utility company that provides electrical power to over 55,000 customers.  The project involved conducting a comprehensive physical security assessment of the infrastructure, physical security technology, organization, operations, and resourcing, as well as a review of current district policies and procedures. We utilized the DHS Interagency Security Committee (ISC) Risk Management Process (RMP) methodology on facilities and electronic security systems. We conducted a lighting audit of each facility using a light meter with a certificate of calibration and standards traceable to the National Institute of Standards and Technology.  We delivered a written report providing recommendations to strengthen the company's security posture, security operations, and emergency management planning. 

 

​

Risk and Resilience Assessment in Support of America’s Water Infrastructure Act of 2018

​

C2 Threat Solutions was retained to perform an EPA-Compliant Risk and Resiliency Assessment and Emergency Response for a utility company that provides water and wastewater services to over two million customers.  The team was comprised of specialists certified by the American Water Works Association (AWWA) in the America's Water Infrastructure Act of 2018.  The project included purposeful interviews of selected staff, identifying and conducting site assessments of critical operational facilities, vulnerability assessments of malevolent and natural hazards, including electronic security systems, access controls, perimeter security, security guard forces, a document review of security policies and procedures, workshops, and security culture using the AWWA J-100 Risk, Resilience, and CPTED Methodologies.  Additionally, we conducted a lighting audit on each assessed facility using a light meter with a certificate of calibration that is traceable to the National Institute of Standards and Technology. We delivered a written report outlining physical security performance specifications that can be utilized during new construction and the updating of existing facility measures. All identified physical and procedural standards were based on industry-accepted best practices and published standards.