Securing Existing Infrastructure
Organizations in critical infrastructure industries are building industrial cyber programs to address the cybersecurity needs of their existing assets. Black & Veatch’s Cyber Asset Lifecycle Management (CALM) services provide solutions for the design, implementation, and ongoing management of cybersecurity programs to protect the company's operational assets.
Comprehensive Solutions
Building industrial cyber programs can be an uphill climb. From unclear roles and responsibilities, investment and budget constraints, and friction between IT and OT, organizations are challenged to get an effective program up and running. CALM accounts for the financial, operational, and organizational realities that must be addressed to establish and run a robust cyber program. Aside from being a technically strong solution, CALM ensures it’s an implementable and sustainable one.
It determines where a client stands in their cyber journey and ensures that the appropriate services and solutions are recommended to help them reach their objectives. It’s the initial step any company needs to take, at any stage of their cyber journey, to achieve the organizations cybersecurity goals.
Assessments/Roadmap
Master Plans
Organizational Design
Lifecycle Planning
Policy Reviews and Modification
Asset Inventory
Threat/Vulnerability Analysis
Penetration Testing
Vulnerability Assessments
Tabletop Exercise
Red Teaming
Security Architecture Review
Segmentation Review
Configuration Review
Governance & Regulation Planning
The implementation phase includes activities related to programs (such as policies, organizational design, governance) and technical aspects (such as network segmentation, asset and vulnerability management, and quality assurance) that require a hands-on approach. These services are typically executed once the cybersecurity goals have been established.
Program Implementation
Organizational Design
Training
Policy Development
Incident Response Plan Development
Governance Management
Technical Implementation
Hardening
Segmentation
Asset Management
Vulnerability Management
IDS Deployment
Backup and Recovery Development
The services related to the ongoing operations of an asset, whether it’s managed services, lifecycle management, or monitoring, are all tied to operating in a safer and more secure way. They aim to improve the overall cybersecurity resilience of an organization and shorten the recovery time in case of an incident or attack. They are designed to bridge the gap between where our clients currently are and where they would like to go, providing the necessary skillset and expertise to achieve all aspects of their cybersecurity initiatives.
Monitoring
Managed Services
Asset Management
Vulnerability Management
Backup Management
Incident Response Support
Recovery Support
Threat Intelligence
Governance & Regulation Management
Lifecycle Management
Ongoing Security Enhancement
The services and solutions included in the decommissioning phase are designed to safely remove and destroy the cyber assets and technologies used in critical operations. These services help clients ensure that the right information is collected and safely removed when the equipment is taken out of service, protecting their operations from future vulnerabilities.
Decommissioning Cyber Plan
Cyber Cleansing
Program Reach
Our CALM services address both programmatic and site-level dimensions.
Program-level capabilities refer to the aspects of a program that apply across all locations, like policy development, incident response capabilities and governance.
The site-level dimension refers to the technologies and capabilities that need to be implemented and maintained at each asset location, like hardening, asset management and vulnerability management.
Considering both site and program-level dimensions fits naturally with the way organizations are currently managing their operations.
Let's Talk Cyber
Contact us to get learn how we can help you enhance your organization’s cybersecurity program.
Related Perspectives
