MANAGED CYBERSECURITY SERVICE PROVIDERS FOR …...Content filtering services may be provided such as...

October 2017

MANAGED CYBERSECURITY SERVICE PROVIDERS FOR ELECTRIC UTILITIES PREPARED FOR:THE AMERICAN PUBLIC POWER ASSOCIATION AND THE NATIONAL RURAL ELECTRIC COOPERATIVE ASSOCIATION

BY: PRESCOUTER

< PREVIOUS >

| iManaged Cybersecurity Service Providers for Electric Utilities

Acknowledgment

This material is based upon work supported by the Department of Energy, Office of Electricity Delivery and Energy Reliability under Award Numbers DE-OE0000807 and DE-OE0000811.

Disclaimers

NRECA and APPA Disclaimer: This report is not an endorsement of the companies, products, or services referenced herein. NRECA, APPA and the report authors assume no liability for how readers may use this report or any damages resulting from its use. There is no warranty or representation that the use of this report does not infringe on privately held rights or that this report is complete, up-to-date or accurate. Readers are encouraged to perform due diligence in applying this report to their specific needs.

Department of Energy Disclaimer:This report was prepared as an account of work sponsored by an agency of the United States Government. Neither the United States Government nor any agency thereof, nor any of their employees, makes any warranty, express or implied, or assumes any legal liability or responsibility for the accuracy, completeness, or usefulness of any information, apparatus, product, or process disclosed, or represents that its use would not infringe privately owned rights. Reference herein to any specific commercial product, process, or service by trade name, trademark, manufacturer, or otherwise does not necessarily constitute or imply its endorsement, recommendation, or favoring by the United States Government or any agency thereof. The views and opinions of authors expressed herein do not necessarily state or reflect those of the United States Government or any agency thereof.

Table of ContentsAcknowledgment.............................................................................................................................. i

Disclaimers......................................................................................................................................... i

PreScouter's Statement of Work ................................................................................................. ivThe Business Challenge ................................................................................................ ivAreas of Interest ............................................................................................................ iv

Report Organization........................................................................................................................ vDescription of Categories and Icon Legend ................................................................. v

Section 1 Executive Summary .................................................................................................. 1

Organization.................................................................................................................. 1Proposed Next Steps ..................................................................................................... 1

Section 2 Summary Tables......................................................................................................... 3On-site Systems Integration Consulting....................................................................... 3Systems Management of the Client’s Network ............................................................ 4Managed Security Monitoring...................................................................................... 5Incident Management Forensics Analysis Services...................................................... 7Penetration Testing and Vulnerability Assessments .................................................... 9

Section 3 Company Descriptions ............................................................................................. 11AlienVault...................................................................................................................... 11Alpine Security.............................................................................................................. 12Brier & Thorn ................................................................................................................ 13Carbon Black, Inc. ......................................................................................................... 14Center for Internet Security (CIS) ................................................................................. 15Cisco Systems, Inc. ........................................................................................................ 16Datashield...................................................................................................................... 17Delta Risk LLC .............................................................................................................. 18Digital Guardian ........................................................................................................... 19Digital Hands ................................................................................................................ 20DNV GL......................................................................................................................... 21Duff & Phelps ................................................................................................................ 22EiQ Networks, Inc. ........................................................................................................ 23EventTracker.................................................................................................................. 24FireEye ........................................................................................................................... 25Fortinet Security Services.............................................................................................. 26Hitachi Systems Security .............................................................................................. 27LogRhythm.................................................................................................................... 28Lumension Security Inc ................................................................................................ 29Masergy ......................................................................................................................... 30Morphick ....................................................................................................................... 31

< PREVIOUS >

Managed Cybersecurity Service Providers for Electric Utilities — Table of Contents | ii

Mosaic451 ...................................................................................................................... 32N-Dimension Solutions, Inc. ......................................................................................... 33Netwatcher .................................................................................................................... 34Nexum, Inc. ................................................................................................................... 35NTT Security ................................................................................................................. 36Nuspire Networks......................................................................................................... 37Palo Alto Networks ....................................................................................................... 38Proficio........................................................................................................................... 39Rapid7............................................................................................................................ 40RAVENii ........................................................................................................................ 41Redhawk........................................................................................................................ 42RedSeal, Inc. .................................................................................................................. 43Rendition Infosec .......................................................................................................... 44root9B............................................................................................................................. 45SageNet.......................................................................................................................... 46SecureWorks .................................................................................................................. 47SecurIT360 ..................................................................................................................... 48Security On-Demand .................................................................................................... 49Sedara ............................................................................................................................ 50Sera-Brynn ..................................................................................................................... 51Solvere One ................................................................................................................... 52SpearTip......................................................................................................................... 53Symantec ....................................................................................................................... 54Tagrem Security............................................................................................................. 55Trustwave ...................................................................................................................... 56Wipro, Ltd ..................................................................................................................... 57

< PREVIOUS >

Managed Cybersecurity Service Providers for Electric Utilities — Table of Contents | iii

PreScouter's Statement of Work

Single file encryption softwareSecurity Information and Event Management Mobile device encryptionBring your own device (BYOD) — provision-ing for company and personal devices Subscriptions to threat information intelligence feeds

< PREVIOUS >

Managed Cybersecurity Service Providers for Electric Utilities — Statement of Work | iv

centralized management, intrusion detection/prevention, loss prevention, etc.Privilege Identity Management that includes the ability to manage shared accounts and administrator accounts.Patch Management solution that includes discovery of new patches and ability to group devices and deliver patches.Vulnerability assessment tools that allow assessing network and system threats.

• MSSPs that offer bundled services. Morespecifically the MSSP provides at least one ofthe following four service domains as part oftheir bundle of offered services:End-point security solution that includesmalicious code management (preferablywhite listing to reduce administrativeoverhead, host-based firewalls with

• MSSPs that have experience providing services to the electricity sector. This does not have to be their only service market, but it should be included in their potential service market.

• MSSPs that focus on Ethernet enabled devices, not serially-connected devices. While primary systems that need to be secured fall within traditional IT systems (desktops, servers, etc.), this report focuses on MSSPs that can also provide cybersecurity tools/techniques to secure Ethernet enabled ICS devices (e.g. systems commonly referred to as relays, programmable logic controllers, reclosers, remote terminal units, protocol converters, etc.) and MSSPs with service offerings for security monitoring, secure configuration management, and vulnerability assessments for the ICS devices.

• MSSPs that emphasize their ability to offer services to small businesses. The emphasis is on MSSPs that focus on, or have experience servicing, small systems with less than 100 assets.

• Where available, each entry also highlights MSSPs that provide services in any of the following domains:

*The information provided by PreScouter for this report was collected from publicly available websites, not from direct contact with the MSSPs.

The Business Challenge

The American Public Power Association (Public Power) and the National Rural Electric Cooperative Association (NRECA) represent thousands of not-for-profit, community- and consumer-owned electric utilities. Their member utilities are responsible for delivering reliable, affordable electricity to a majority of the United States. These utilities are relatively small and may be resource-limited in terms of IT staffing. Public Power and NRECA member utilities are often located in geographic regions that provide limited access to trained cybersecurity personnel. The goal of this report is to aid members that may be looking to outsource their cybersecurity work by providing a catalogue of potential cybersecurity service providers working in this growing field. Readers are encouraged to perform due diligence in applying this report to their specific needs.

Areas of InterestThis report identifies managed security service providers (MSSPs) that offer commercial-off-the-shelf (COTS) solutions. The report’s target audience is utilities with few, if any, IT staff and/or access to cybersecurity expertise. (However, the content provided within may be useful for utilities of all sizes and staffing levels.) These utilities may rely on third parties to provide Information Technology (IT) services and cybersecurity. In some cases, the person responsible for cybersecurity may have a primary role in an administrative field, not a technical field. This may be a staff member in finance/billing, office management, community outreach, etc. This report identifies MSSPs who can fill the gap that existing staff resources cannot meet in terms of cybersecurity expertise. Each entry focuses on one commercial solution/MSSP capable of satisfying some or all of the following criteria:

Report Organization

Description of Categories and Icon Legend

< PREVIOUS >

This is customized assistance to assess business risks, and then identify and integrate appropriate technologies and business processes to address prioritized cyber risks. A system integrator’s core function is to bring together component subsystems into one system and enable those subsystems to function seamlessly together. In the context of this effort, the systems integrator consultant’s core service will help secure product integration of both security subsystems and subsystems that are not primarily security focused.

This service involves installing, upgrading, and managing the network hardware andsoftware infrastructure such as firewalls, routers and switches, Virtual Private Net-works (VPN) for remote access, intrusion prevention and detection technologies, andbusiness applications such as electronic mail, billing and finance services, and webservices. These providers may also provide services for configuration management,monitoring, and firewall access control. Regular reports would be provided to theclient regarding network utilization, systems’ health monitoring, and records thatdemonstrate actions taken for security patching and security monitoring. It is possiblethat managed security monitoring will be bundled into a systems management service.

This is the day-to-day monitoring and interpretation of important system events throughout the network—including anomalous communication, such as malicious code, denial of service (DoS), anomalies, and trend analysis. It is one of the suggsted first steps in an incident response process. Intrusion detection management, either at the network level or at the individual host level, involves providing intrusion alerts to a customer, keeping up-to-date with new defenses against intrusions, and regularly reporting on intrusion attempts and activity. Content filtering services may be provided such as email filtering and other data traffic filtering. It is quite possible that these services will be bundled in a systems management service.

These services would be used after a cybersecurity incident to rapidly respond to the incident, assess the loss, implement measures to try to: stop or reduce continued losses; reduce the vulnerabilities used by the attacker; restore affected systems and services; and implement changes that aim to reduce the likelihood of another incident. These services may also be included in either a managed security or system management service.

This includes one-time or periodic network penetration tests to simulate an attacker’s ability to compromise a network by exploiting existing vulnerabilities. The penetration test can be performed from an external attacker’s perspective, with limited knowledge of the target, or from an insider threat perspective, leveraging known configurations and vulnerabilities. Vulnerability assessments use automated or manual scanning of the hardware and software to find weaknesses in the implementations that could be exploited by an attacker.

ON-SITE SYSTEMS INTEGRATION CONSULTING

SYSTEMS MANAGEMENT OF THE CLIENT'S NETWORK

INCIDENT MANAGEMENT FORENSICS ANALYSIS SERVICES

MANAGED SECURITY MONITORING

PENETRATION TESTING AND VULNERABILITY ASSESSMENTS

Managed Cybersecurity Service Providers for Electric Utilities — Report Organization | v

Organization

INTRODUCTION:

PreScouter identified and presented companies that provide cybersecurity products and services that might be relevant to members of NRECA and APPA based upon provided criteria explained in the Statement of Work.

SEGMENTS ADDRESSED INTHIS REPORT:

The report has been organized alphabetically. Icons, as well as the summary table segmentation, indicate the categories of providers to which each company belongs. The categories are as follows:

• On-site Systems Integration Consulting

• Systems Management of the Client’sNetwork

• Managed Security Monitoring

• Incident Management ForensicsAnalysis Services

• Penetration Testing and VulnerabilityAssessments

See Report Organization on page v for a detaileddescription of these categories.

INSIGHTS IN THIS REPORT:

1. A large number of cybersecurity providers

are available that service the utility/electricity sectors and have specificofferings for small business that matchthe needs identified by NRECA andAPPA.

2. The largest number of companiesidentified belong to the categories ofManaged Security Monitoring andPenetration Testing & VulnerabilityAssessments.

3. Although cybersecurity services areglobally available, this research revealednumerous providers focused on the NorthAmerican market.

4. No single company was found that pos-sessed all the focus areas, and that offeredall of the critical and non-critical servicesrequired.

Proposed Next Steps

Moving forward, organizations wishing to use this report to select a cybersecurity provider can take the following steps: 1. Determine and prioritize the relevant

cybersecurity needs for your organization.

2. Use this report, in addition to otherresources available to your utility toidentify appropriate companies for yourparticular cybersecurity needs:*

• Use the summary table to quicklyunderstand which of the companiesmatch the criteria most relevant to yourorganization.

• Review company descriptions to betterunderstand the profile and offerings foreach provider, and to obtain contactinformation to get in touch with theprovider.

< PREVIOUS >

Executive Summary

Managed Cybersecurity Service Providers for Electric Utilities — Executive Summary | 1

*This report is not intended to provide a comprehensive or complete list of MSSPs. Additional MSSPs will be added over time.

• Discuss offerings with all providers thatseem relevant and determine if the levelof security provided is above, below, orlevel with your organization’srequirements.

3. Understand costs of outsourcingcybersecurity to these companies byasking for detailed quotes, includinginstallation fees as well as recurring costs.

4. Select one or multiple providers,including, but not limited to, using theinformation in this report, to meet yourutility's specific needs.

< PREVIOUS >

Managed Cybersecurity Service Providers for Electric Utilities — Executive Summary | 2

Managed Cybersecurity Service Providers for Electric Utilities — Summary Tables | 3

< PREVIOUS >

SERVICE OFFERINGS (Y/N) FOCUS AREAS (Y/N)

Privileged Single File Security Mobile Bring Your Subscriptions to Electricity SmallEndpoint Data Patch Vulnerability Encryption Information and Device Own Device Threat Information Managed Security NERC CIP Sector Business

Company Page Security Management Management Assessments Software Event Management Encryption Provisioning Intelligence Feeds Service Provider Compliance Experience Focus

C2M2 Domain

ACM, TVM ACM, IAM TVM TVM ACM SA, IR ACM ACM, IAM TVM, ISC EDM EDM N/A N/A

Digital Hands 20 • • • • • • • •

EventTracker 24 • • • • • Hitachi Systems 27 • • • • • • • • •

Security

Lumension 29 • • • • • • • • • • •

Masergy 30 • • • • • • • Mosaic451 32 • • • • • • • • •

N-Dimension 33 • • • • • • • • NTT Security 36 • • • • • • • • • • Nuspire Networks 37 • • • Palo Alto Networks 38 • • • • Proficio 39 • • • • • • • Rapid7 40 • • • • • • • • Rendition Infosec 44 • • • • • root9B 45 • • • • • Security On-Demand 49 • • • • • • • • • • • Symantec 54 • • • • • • • • •

Summary Tables

On-site Systems Integration Consulting


< PREVIOUS >




C2M2 Domain


Brier & Thorn 13 • • • • • • • • Center for Internet 15 • • • • Security (CIS)

Cisco Systems 16 • • • • • • • • • • Digital Hands 20 • • • • • • • • Fortinet 26 • • • • • • • • Mosaic451 32 • • • • • • • • •

N-Dimension 33 • • • • • • • • Nexum 35 • • • • • • • • NTT Security 36 • • • • • • • • • • Proficio 39 • • • • • • • Rapid7 40 • • • • • • • • RAVENii 41 • • • • • • • • • • RedSeal 43 • • • • • • Security On-Demand 49 • • • • • • • • • • • Symantec 54 • • • • • • • • •

Systems Management of the Client’s Network


< PREVIOUS >




C2M2 Domain


Alpine Security 12 • • • • • • Brier & Thorn 13 • • • • • • • • Carbon Black 14 • Cisco 16 • • • • • • • • • • Datashield 17 • • • • • • Delta Risk 18 • • • • • • • Digital Guardian 19 • • • • • • • Digital Hands 20 • • • • • • • • EiQ Networks 23 • • • • • • • • EventTracker 24 • • • • • Fortinet 26 • • • • • • • • Hitachi Systems 27 • • • • • • • • •

Security

LogRhythm 28 • • • • • • • Lumension Security 29 • • • • • • • • • • • Masergy 30 • • • • • • • • • Morphick 31 • • • • • Mosaic451 32 • • • • • • • • •

N-Dimension 33 • • • • • • • •

Netwatcher 34 • • • • • • Nexum 35 • • • • • • • •

Continued

Managed Security Monitoring


< PREVIOUS >




C2M2 Domain


NTT security 36 • • • • • • • • • • Nuspire Networks 37 • • • Proficio 39 • • • • • • • Rapid7 40 • • • • • • • • RAVENii 41 • • • • • • • • • • Redhawk 42 • • • • • • • Rendition Infosec 44 • • • • • root9B 45 • • • • • SageNet 46 • • • • • • • SecureWorks 47 • • • • • SecurIT360 48 • • • • • • • Security On-Demand 49 • • • • • • • • • • • Sedara 50 • • • • • • • Sera-Brynn 51 • • • • Solvere One 52 • • • • • SpearTip 53 • • • • • • Symantec 54 • • • • • • • • • Tagrem 55 • • • • • • • Trustwave 56 • • • • • • • • • Wipro 57 • • • • •

Managed Security Monitoring (Cont.)


< PREVIOUS >

Continued




C2M2 Domain


Alpine Security 12 • • • • • • Brier & Thorn 13 • • • • • • • • Center for Internet 15 • • • • Security (CIS)

Delta Risk 18 • • • • • • • Digital Guardian 19 • • • • • • • DNV GL 21 • • • • • • • • Duff & Phelps 22 • EiQ Networks 23 • • • • • • • FireEye 25 • • • • • • Fortinet 26 • • • • • • • • LogRhythm 28 • • • • • • Lumension 29 • • • • • • • • • • • Morphick 31 • • • • • Mosaic451 32 • • • • • • • • • Nexum 35 • • • • • • • • NTT Security 36 • • • • • • • • • • Nuspire Networks 37 • • • Proficio 39 • • • • • • • Rapid7 40 • • • • • • • • Rendition Infosec 44 • • • • • SecureWorks 47 • • • • • • •

Incident Management Forensics Analysis Services


< PREVIOUS >




C2M2 Domain


SecurIT360 48 • • • • • Security On-Demand 49 • • • • • • • • • • • Sedara 50 • • • • • • • Solvere One 52 • • • • • SpearTip 53 • • • • • • Symantec 54 • • • • • • • • •

Incident Management Forensics Analysis Services (Cont.)


< PREVIOUS >

Continued




C2M2 Domain


AlienVault 11 • • • • • • Alpine Security 12 • • • • • • Brier & Thorn 13 • • • • • • • • Cisco 16 • • • • • • • • • • Delta Risk 18 • • • • • • • Digital Guardian 19 • • • • • • • Digital Hands 20 • • • • • • • • Duff & Phelps 22 • FireEye 25 • • • • • • Fortinet 26 • • • • • • • • Hitachi Systems 27 • • • • • • • • • Security

Lumension 29 • • • • • • • • • • • Masergy 30 • • • • • • • • •

Morphick 31 • • • • • Mosaic451 32 • • • • • • • • •

N-Dimension 33 • • • • • • • • Nexum 35 • • • • • • • • NTT Security 36 • • • • • • • • • • Nuspire Networks 37 • • •

Penetration Testing and Vulnerability Assessments


< PREVIOUS >




C2M2 Domain


Proficio 39 • • • • • • • Rapid7 40 • • • • • • • • RAVENii 41 • • • • • • • • • • Redhawk 42 • • • • • • • RedSeal 43 • • • • • • Rendition Infosec 44 • • • • • root9B 45 • • • • • SageNet 46 • • • • • • • SecureWorks 47 • • • • • • • SecurIT360 48 • • • • • Security On-Demand 49 • • • • • • • • • • • Sedara 50 • • • • • • • Sera-Brynn 51 • • • • Solvere One 52 • • • • • SpearTip 53 • • • • • • Symantec 54 • • • • • • • • • Tagrem 55 • • • • • • • Trustwave 56 • • • • • • • • • Wipro 57 • • • • •

Penetration Testing and Vulnerability Assessments (Cont.)

Managed Cybersecurity Service Providers for Electric Utilities — Company Descriptions | 11

Company Descriptions

< PREVIOUS >

WWW.ALIENVAULT.COM

DESCRIPTION OF COMPANY:

AlienVault is a platform provider whichemphasizes work with mid-market businessesand organizations, and the company has expe-rience in the energy and utility industries,including working with electric companies aswell as ICS/SCADA environments.

ADDITIONAL DETAILS:

• Founded in 2007.

• Headquartered in San Mateo, CA.

• 200–500 employees.

• More than 3,000 commercial customersworldwide.

• Serving mid-sized companies to largegovernment agencies.

• Has electricity sector experience.

• Has NERC CIP v5 compliance expertise.

• Has ICS/SCADA systems expertise.

DESCRIPTION OF SERVICES/PRODUCTS PROVIDED:

• Platform is able to integrate otherendpoint security products.

• Vulnerability assessments servicesare offered.

• Unified Security Management (USM)software simplifies ICS/SCADA securityand facilitates NERC CIP v5 compliance.

• Security information and eventmanagement through USM.

• Solution provides up-to-date informationon intrusion protection, vulnerabilities,etc. through the company’s Open ThreatExchange (OTX).

• Can assist clients to find AlienVaultcertified MSSPs.

• Platform is specifically targeted for ITteams with limited budget and resourcesfor mid-size organizations.

Alien Vault 1875 S. Grant Street, Suite 200, San Mateo, CA 94402

(650) 713-3333

https://www.alienvault.com/contact

• Security Information and Event Management• Subscriptions to Threat Information Intelligence

Feeds• Vulnerability Assessments

HTTPS://WWW.ALIENVAULT.COM

WWW.ALPINESECURITY.COM/SERVICES/MANAGED-SECURITY-SERVICES

< PREVIOUS >


Alpine Security is an MSSP with strong focuson education and training.

ADDITIONAL DETAILS:




• Serves small to medium businesses.

• A part from managed services, Alpine has astrong training program on cybersecuritysuites for clients.

• Business focused on operation in NorthAmerica.


• Alpine Security provides Endpoint Securitycoupled with Intrusion Prevention &Detection services.

• Alpine Security provides data lossprotection services.

• SIEM services is offered through AlpineSecurity + “Bit9 + Carbon Black Connect”Alliance Program and consists of networksecurity and analytics, Firewall Adminis -tration and Monitoring, Authenticationand Access Control, Intrusion Prevention& Detection, and Threat Intelligence.

• Other important services include WirelessAccess Control and Authentication andAccess Control.

• For the Enterprise Security Analysis, Alpineperforms holistic audits, checks documen-tation, checks operation security, andcovers controls for industry-based audits(PCI DSS, HIPAA, ISO, etc.) that can beleveraged for NERC CIP Compliance.

Alpine Security 7 Eagle Center, O’Fallon, IL 62269

(844) 925-7463

[email protected]

• Endpoint Security• Security Information and Event Management• Subscriptions to Threat Information Intelligence



WWW.ALPINESECURITY.COM/SERVICES/MANAGED-SECURITY-SERVICES

WWW.BRIERANDTHORN.COM/EN/ENERGY.HTML

< PREVIOUS >


Brier & Thorn 1855 1st Avenue, Suite 103, San Diego, CA 92101

(858) 381-4977

[email protected]

• Endpoint Protection• Patch Management• Privileged Data Management• Security Information and Event Management• Subscriptions to Threat Information Intelligence



Brier & Thorn works with the ‘middle market’and across industries. In particular, Brier &Thorn is as much a security consultancy firmas it is an MSSP, and it can discuss and developsolutions using third party OTS software tai-lored to the requirements of a given business.

ADDITIONAL DETAILS:

• Headquartered in San Diego, CA.

• Global company with offices in Mexico,London, and Stuttgart.

• Has experience in the energy sector.

• Has experience with energy companiessecuring modern ICS and SCADA systems.

• Focused on businesses with 50+ employees.


• Provides endpoint security and monitoring,but builds on systems already used byclients (not an integrator).

• Provides vulnerability assessments inthe form of continual monitoring of thenetwork, quarterly vulnerability scanning,and yearly penetration testing. Expertisein Internet of Things (IoT) penetrationtesting.

• Brier & Thorn has experience in the energyindustry sector and experience with ether-net connected devices and utility specificdevices.

• Brier & Thorn performs case studies in theenergy industry.

WWW.BRIERANDTHORN.COM/EN/ENERGY.HTML

WWW.CARBONBLACK.COM

< PREVIOUS >


Carbon Black, Inc. 1100 Winter St., Waltham, MA 02451

(617) 393-7400

[email protected]

• Endpoint Security• Patch Management• Security Information and Event Management• Vulnerability Assessments


Carbon Black, Inc. (formerly Bit9, Inc) is asecurity company that develops endpointsecurity software.

ADDITIONAL DETAILS:


• Headquartered in Waltham, MA.

• 500+ employees.

• Has offices in Texas, Singapore, the UK,Tokyo, and Australia.

• Has approximately 2,000 worldwide cus-tomers, including 25 of the Fortune 100.


• Enables prioritized patch managementwith IBM BigFix and endpoint security.

• File integrity monitoring is provided.

• Only approved wireless access points areavailable on the network.

• SIEM 24x7 Security log management.

• Application control.

• Machine learning antivirus protection.

www.carbonblack.com

WWW.CISECURITY.ORG/CYBERSECURITY-TOOLS

< PREVIOUS >

Center for Internet Security (CIS)

31 Tech Valley Drive, Suite 2, East Greenbush, NY 12061

(518) 266-3460

[email protected]


The Multi-State Information Sharing & Analy-sis Center (MS-ISAC®) has been designated by Department of Homeland Security (DHS)as a key resource for cyber threat prevention, protection, response, and recovery for the nation’s state, local, territorial, and tribal(SLTT) governments. Through its 24/7 Security Operations Center, the MS-ISACserves as a central resource for situationalawareness and incident response for SLTT governments.

ADDITIONAL DETAILS:

• Nonprofit entity founded in 2000.

• Headquartered in East Greenbush, NY.


• Has offices in Arlington, VA.


• Multi-State Information Sharing & AnalysisCenter (MS-ISAC) as a part of Managed Se-curity Services (MSS) provides monitoringand/or management of security devicesthat include Security Event Analysis and24/7 Notifications, Firewalls, IDS (IntrusionDetection System)/IPS (Intrusion Preven-tion System), Web Proxy, and Endpoint.

• Vulnerability assessment is fee basedand includes Network Assessment, WebApplication Assessment — includingmanual analysis of reported vulnerabilities,prioritization of vulnerability remediation— customized reporting & vulnerabilityremediation support, and Payment CardIndustry (PCI) compliance scanning.

• SIEM is offered using the Albert service formembers and include Network & ComputerForensic Analysis, Log & Malware Analysis,Access to the Malicious Code AnalysisPlatform (MCAP), and RemediationConsulting.

• The CIS Security Operations Center (SOC)receives information from a variety ofdifferent sources; the information isanalyzed to determine the need for thecreation of advisories or bulletins. Theseneeds include: threats, vulnerabilities,exploits, attacks, and compromises.Notifications and immediate remediationsteps are provided.




https://www.cisecurity.org/cybersecurity-tools

< PREVIOUS >


Cisco Systems, Inc. 170 West Tasman Dr., San Jose, CA 95134

(866) 428-9596

https://engage2demand.cisco.com/LP=567?ecid=136

• Bring Your Own Device Provisioning forCompany and Personal Services

• Endpoint Security• Mobile Device Encryption• Patch Management• Privileged Data Management• Security Information and Event Management• Subscriptions to Threat Information Intelligence

Feeds


Cisco is a corporation with many products and services available. In particular, Cisco hasspecific security offerings for small businesses.

ADDITIONAL DETAILS:


• Headquartered in San Jose, CA.

• Almost 72,000 employees.

• Works with businesses of all sizes.

• Has experience working with utilities.

• Has experience with all industries.

• Small business focus from the smallbusiness team.


• Provides endpoint security, malware detec-tion software, and threat managementwhich responds in real time for all devices.

• Data management, Cisco Defense Orches-trator allows cloud-based managementof accounts.

• Patch management included in manage-ment services offered by Cisco.

• Mobile device encryption and Bring YourOwn Device (BYOD) provisioning for com-pany and personal services is provided bya secure mobility client, allowing employ-ees to work anywhere on any device.

• Cloud-based email security offered as aservice.

• Offers network management and datastorage as other services.

• Also provides hardware if the networkrequires it.

WWW.CISCO.COM

WWW.CISCO.COM

WWW.DATASHIELDPROTECT.COM

< PREVIOUS >


Datashield 455 E 200 S, Suite 100, Salt Lake City, UT 84111

(866) 428-4567

[email protected]

• Endpoint Security• Security Information and Event Management• Vulnerability Assessments


Datashield is an MSSP that offers a wide variety of cybersecurity services.

ADDITIONAL DETAILS:


• Headquartered in Salt Lake City, UT.


• Has offices in Scottsdale, AZ.

• Services customers in Energy, Finance,Government, Retail, Defense, Gaming,Manufacturing.



• Has NERC CIP compliance expertise.


• Major services/products offered: ManagedDetection and Response, Security Analytics(SA) — Security Information and EventManagement (SIEM), Incident Response —Hunting — Cyber Threat Intelligence, andCompliance.

• Endpoint security and monitoring isprovided through the proprietary toolDATASHIELD PROTECT™.

• Vulnerability assessments are implementedthrough ShieldVision software fromDatashield. It allows for Rapid AutomatedQuerying, Real Time Alerting, and histori-cal querying, all working in tandem withnew-threat intelligence. Both manual andautomated vulnerability identification areprovided, along with scanning capabilityfor comprehensive network monitoring.

• Datashield provides for NERC CIP com -pliant Log Monitoring, Log Management,Vulnerability Management and SecurityDevice Management. The services are apart of DATASHIELD Managed SecurityServices and Security Consulting Services.

WWW.DATASHIELDPROTECT.COM

< PREVIOUS >


Delta Risk LLC 106 S. St. Mary’s Street, Suite 601, San Antonio, TX 78205

(210) 293-0707

[email protected]

• Endpoint Protection• Mobile Device Encryption• Security Information and Event Management• Subscriptions to Threat Information Intelligence



Delta Risk is a managed security serviceprovider helping clients build advanced cyberdefense and risk management capabilities.

ADDITIONAL DETAILS:


• Headquartered in San Antonio, TX.


• Has offices in Arlington, VA and King ofPrussia, PA.

• Works with businesses of all sizesand industries.



• Has ICS/SCADA expertise.


• Endpoint security offered through com-pany’s ActiveEyeSM and ActiveResponseSM

service.

• Security advisory service provided to helpclient develop security programs or assessexisting security efforts, determine vulnera-bility, and provide training to clients.

• Security information and event manage-ment solution offered.

• Keep clients informed on threat informa-tion and intelligence through newsletterand regular webinars.

• NERC CIP compliance through thecompany’s ActiveEyeSM and ActiveInsightSM

services.

• Managed detection and response serviceprovides 24/7 detection and response.

• Penetration testing service offeredincluding: internal and external network,wireless network, mobile application,physical device, as well as social engi -neering penetration.

• Cloud application security.

WWW.DELTA-RISK.COM

https://www.digitalhands.com/

HTTPS://DIGITALGUARDIAN.COM

< PREVIOUS >


Digital Guardian 860 Winter Street, Suite 3, Waltham, MA 02451

(781) 788-8180

[email protected]

• Endpoint Security• Mobile Device Encryption• Privileged Data Management• Single-File Encryption Software• Subscriptions to Threat Information Intelligence

Feeds


Digital Guardian is a digital product provideroffering managed security programs for threatprotection, data loss prevention, and data protection.

ADDITIONAL DETAILS:


• Headquartered in Waltham, MA.


• Has offices in Reston, VA, Santa Clara, CA,and Lehi, UT.

• Has energy sector experience.


• Endpoint security offered using company’sApplication Control platform that uses acontext-aware approach to control high-risk apps without restricting users.

• Privileged data management throughcompany platform’s content and context-aware control to ensure security of privi-leged users.

• Digital Guardian also offers automated,policy-based usage control and encryptionfor devices, removable devices, as well asemail for security. The platform can auto-matically identify and encrypt sensitivedata for devices.

• Threat information and intelligenceprovided through webinars andknowledge base.

• Managed threat protection service isprovided to offer protection againstzero-day attacks, polymorphic malware,ransomware, and other attacks.

• Offers cybersecurity team that’s available24/7.

• Provides proactive threat hunting andincident response.

• Managed security service that centersaround data protection.

HTTPS://DIGITALGUARDIAN.COM

< PREVIOUS >


Digital Hands 400 N. Ashley Drive, Suite 900, Tampa, FL 33602

(877) 229-8020

https://www.digitalhands.com/about/contact

• Bring Your Own Device Provisioning forCompany And Personal Devices

• Endpoint Security• Privileged Data Management• Security Information and Event Management• Subscriptions to Threat Information Intelligence



Digital Hands is a U.S.-based Managed Serv-ices Provider (MSP). It has core competenciesproviding Managed Cybersecurity Services,Managed Network Infrastructure Services, andEnd-user Services (Service Desk/Help Desk).It serves both public and private organizationsthrough IT Cybersecurity and Network sup-port.

ADDITIONAL DETAILS:



• Managed Security Service Providerfor small- to large-scale businesses andproduction site.


• Provides endpoint security and controlusing various security suites. For example:Aruba, Barracuda, McAfee, Microsoft, RSA,Palo Alto, Cisco Check Point SoftwareTechnologies, Symantec.

• Digital Hands provides data managementusing secure servers and cloud-basedoptions. Automatically secures critical datain cases of active threat/breach. DigitalHands uses security solutions from variousproviders, such as McAfee, RSA (EMC).

• Vulnerability assessments offered throughUnified Threat Management Services(UTM) by Digital Hands comprises featuressuch as Web Application Firewall, IntrusionDetection, Intrusion Prevention, AntivirusProtection, Anti-Spam Protection, DataLoss Prevention, and Content Filtering.

• Digital Hands does offer E-mail encryptionservices.

• SIEM & Event Log Management is offeredto track network activity, analyzing forsuspicious or unauthorized events.

• Provides for BYOD Management, whichallows workers to use their own personaldevices, such as laptops, smartphones,and tablets, to perform their functionson the go.

WWW.DIGITALHANDS.COM/SERVICES/MSSP

WWW.DIGITALHANDS.COM/SERVICES/MSSP

WWW.DNVGL.COM/SERVICES/CYBER-SECURITY-FOR-ELECTRICITY-UTILITIES-17937

< PREVIOUS >


DNV GL One International Boulevard Crossroads Corporate Center,Suite 406, Mahwah NJ 07495

(201) 512-8900

https://www.dnvgl.com/contact/group.html

• Endpoint Security• Mobile Device Encryption• Patch Management• Security Information and Event Management• Subscriptions to Threat Information

Intelligence Feeds• Vulnerability Assessments


DNV GL is an international certification bodyand classification society with main expertisein technical assessment, advisory, and riskmanagement. DNV GL is an accredited certi-fier of electricity generation and distributioncomponents. It was created in 2013, but theoriginal version of the organization wasfounded in 1864.

ADDITIONAL DETAILS:

• Headquartered in Baerum, Akershus,Norway.

• Has offices in over 15 states in the UnitedStates.



• Customers include small businesses,enterprise, and mid-size organizations.

• According to a 2015 company report DNVGL has 80,000+ customers, 350 offices inover 100 countries, and annual revenue of2.4B NOK.

• Annually, DNV GL invests heavily in R&Dwhich amounts to 5% of its total revenue.

• DNV GL operates the world’s largest highpower and voltage test laboratory.


• Control system architecture reviews, riskassessment methodology, and securityarchitecture design are a few of the servicesavailable.

• DNV GL provides cybersecurity supportto utilities throughout the project lifecyclefor SCADA/EMS/DMS and DCS/PLCimplementations.

• Security guidelines for remote access tocontrol systems.

• Control system architecture reviews,Risk assessment methodology, Securityarchi tecture design.

• Incident response exercise developmentand facilitation.

• Network penetration and applicationsecurity testing.

• Security infrastructure hardening.

• cybersecurity health test (whitebox testing),including security testing of energy IT,smart grid and smart meter componentsand detailed report back of findings andpossible mitigation measures.

https://www.dnvgl.com/services/cyber-security-for-electricity-utilities-17937

WWW.DUFFANDPHELPS.COM

< PREVIOUS >


Duff & Phelps 55 East 52nd Street, 31st Floor, New York, NY 10055

(212) 871-6366

http://insights.duffandphelps.com/contact-us

• Vulnerability Assessments


Duff & Phelps analyze security posture anddevelop plans to prepare for, respond to, andrecover from a security compromise. Clientsinclude publicly traded and privately heldcompanies, law firms, government entities and investment organizations such as privateequity firms and hedge funds.

ADDITIONAL DETAILS:


• Has more than 2,000 professionals locatedin more than 70 offices in 20 countriesaround the world.

• Develops cybersecurity and complianceframeworks that are aligned with SECOCIE Risk Alert or other applicableregulatory agency.

• Has experience with the energy andmining sector.


• Vulnerability assessments performed aspart of the services.

• Penetration testing and vulnerabilityscanning.

• Create a Written Information SecurityPolicy (WISP).

• Development of an Incident ResponsePlan (IRP).

• Conduct third-party vendor due diligence.

• Sensitive and critical data identificationand classification.

• End-user cybersecurity training.

• Phishing tests.

• Ongoing Cybersecurity Advisory Services“Virtual Chief Information Security Officer”(vCISO).

WWW.DUFFANDPHELPS.COM

WWW.EIQNETWORKS.COM

< PREVIOUS >


EiQ Networks, Inc. 60 State Street, Boston, MA 02109

(617) 337-4880

[email protected]

• Endpoint Security• Patch Management• Security Information and Event Management• Subscriptions to Threat Information Intelligence



EiQ Networks’ origins are in analysis of logfiles across web servers, file servers, firewalls,and other network devices, before moving tothe SIEM market.

ADDITIONAL DETAILS:


• Headquartered in Boston, MA.


• SOC2 Type 1 Certified Service Provider.



• EiQ’s SOCVue Security Monitoring servicehelps organizations address NERC CIPby providing 24/7/365 security monitor-ing and reporting on system events andcritical security controls, as required byCIP-007-5 R4.

• Typical vulnerability assessments include:Discovering IT assets, Classifying,Scanning, Remediating, and Verifying.

• Only approved wireless access points areavailable on the network.

• 24/7 Security log.

• Forensic analysis.

• Log Management.

WWW.EIQNETWORKS.COM

< PREVIOUS >

514 NE 13th Street, Fort Lauderdale, FL 33304

(866) 559-2170

[email protected]


Feeds


EventTracker (formerly Netsurion) offers achoice of Firewalls and IDS, Managed networksecurity, data security, Wi-Fi access points, PCIcompliance, broadband monitoring, SIEM andThreat monitoring.

ADDITIONAL DETAILS:

• Founded in Houston, Texas in 1989.

• In 2016, Netsurion merged with Event-Tracker.

• EventTracker is now headquartered in Ft.Lauderdale, Florida.

• The company has about 51–200 employees.

• Has offices in St. Louis, Missouri,Columbia, Maryland, and Houston, Texas.


• EventTracker provides endpoint securitysolutions using a newly launched(Jan. 2017) managed SIEM solution, SIEM-at-the-Edge. With a simple sensor deployedto critical servers and point-of-sale (POS)systems, the software would alert and takecorrective actions for any anomalies orsuspicious activities.

• The company does offer services with datamanagement and big data analysis of vari-ous log files. One of the related services iscalled File integrity monitoring (FIM).

• Vulnerability assessments are offered throughEventTracker’s Vulnerability AssessmentsService (ETVAS), which allows clients toschedule vulnerability scans to meet clientrequirements, such as weekly, monthly orquarterly scans.

• EventTracker provides enterprise-gradeequipment combined with security archi-tecture that provides a managed networksolution. This security is coupled withSIEM that can pinpoint a threat in real-timeand alert customers immediately, and takedefined remedial actions. To this end,EventTracker monitors all the endpoints,detecting a wide range of suspect eventsacross the network and devices.

WWW.EVENTTRACKER.COM

EventTracker (formerly Netsurion)


WWW.EVENTTRACKER.COM

WWW.FIREEYE.COM

< PREVIOUS >


FireEye 1440 McCarthy Blvd., Milpitas, CA 95035

(408) 321-6300

[email protected]

• Endpoint Protection• Security Information and Event Management• Subscriptions to Threat Information Intelligence



FireEye is a security technology and con -sultation provider covering all aspects of an institute’s security needs.

ADDITIONAL DETAILS:


• Headquartered in Milpitas, CA.

• 1,000–5,000 employees.

• Has offices in Alexandria and Reston, VA,Draper, UT, and New York, NY.

• More than 4,400 customers in more than45 countries.

• Works with both small and mediumbusinesses and Forbes’ Global 2000companies.

• Has experience serving regional utilitycompanies, as well as utility districts.



• FireEye has the capacity for endpointsecurity. It uses an adaptive platformthat utilizes advance analytics beyondsignature-based defense to providevisibility of known or unknown threats.

• Vulnerability assessments services areoffered. FireEye provides assessment onsecurity programs, identifies a compromise,helps setup response plan, as well as com-prehensive health checks for SCADA andICS environments.

• Up-to-date information on intrusionprotection, vulnerabilities, and others.

• Additional services provided: emailand network threat management, threatanalytics and forensics, incident responseservice/retainer.

WWW.FIREEYE.COM

< PREVIOUS >


Fortinet Security Services

899 Kifer Road, Sunnyvale, CA 94086

(408) 235-7700

https://www.fortinet.com/corporate/about-us/contact-us.html

• Endpoint Protection• Mobile Device Encryption• Patch Management• Privileged Data Management• Subscriptions to Threat Information Intelligence



The company develops and markets cyber -security software, appliances, and servicessuch as firewalls, anti-virus, intrusion preven-tion and endpoint security, among others.

ADDITIONAL DETAILS:


• Headquartered in Sunnyvale, California,with offices around the globe.

• Has more than 4,000 employees.

• Customers include small businesses,mid-size organizations, and largeenterprises.

• Company has more than 300,000customers.

• Has SCADA systems expertise.


• Vulnerability scans.

• Mobile security service.

• Database security control.

• Application control and IPS.

• Web application security service.

• Botnet IP and registration.

• Application and user-identityawareness.

• Content security with integratedintrusion prevention.

• Antivirus.

• Web filtering.

• SSL encryption/decryption.

• Advanced threat detection andremediation.

WWW.FORTINET.COM/FORTIGUARD/THREAT-INTELLIGENCE/FORTIGUARD-SUBSCRIPTION-SERVICES.HTML

https://www.fortinet.com/fortiguard/threat-intelligence/fortiguard-subscription-services.html

https://www.fortinet.com/corporate/about-us/contact-us.html

WWW.HITACHI-SYSTEMS-SECURITY.COM


Hitachi Security Systems (formerly Above Secu-rity) is an MSSP which emphasizes work withsmall/medium businesses and has experiencein the energy and utility industries, includingworking with plant equipment and PCSs.

ADDITIONAL DETAILS:


• Works with both small/medium businessesand fortune 500 companies.


• Four security operations offices in Canada,Mexico, and Switzerland. Also servescompanies in over 45 countries aroundthe world.


• Above Security aka Hitachi SecuritySystems uses a flexible system whichmanages third party solutions and can betailored to the requirements of the small/medium business.

• Patch management is available if it isincluded in third party software managedby Hitachi Security Systems for end-pointsecurity. Log management system patchesare delivered by Hitachi Security Systems.

• Vulnerability assessments services areoffered. Hitachi Security Systems willidentify the key information assets of thesystem, determine vulnerabilities, andprovide recommendations and compre -hensive reports to strengthen security.

• Security Information and Event Managementis handled by the ArkAngel platform. Logsare stored by Hitachi Security Systems andanalyzed to assess potential threats andimprove security. On-demand access isprovided and the security of log retentiondevices is constantly monitored. HitachiSecurity Systems offers options for Ethernet-enabled devices and has experienceworking with PCS and SCADA systems.

Hitachi Systems Security 6431 Longhorn Dr., Irving, TX 75063

(450) 430-8166

https://www.hitachi-systems-security.com/contact-us

• Endpoint Protection• Patch Management• Privileged Data Management• Security Information and Event Management• Subscriptions to Threat Information Intelligence


Managed Cybersecurity Service Providers for Electric Utilities — Company Descriptions| 27

< PREVIOUS >

WWW.HITACHI-SYSTEMS-SECURITY.COM

HTTPS://LOGRHYTHM.COM

< PREVIOUS >


LogRhythm 4780 Pearl East Circle, Boulder, CO 80301

(303) 413-8745

[email protected]




LogRhythm specializes in Threat LifecycleManagement, which empowers organizationsaround the globe to rapidly detect, respond toand neutralize damaging cyberthreats.

ADDITIONAL DETAILS:


• Headquartered in Boulder, CO.


• Customers include Energy and Utilities,Banking and Finance, Healthcare, Defense,Retail.





• LogRhythm uses customized EndpointBehavior Analysis and a Threat Detectiontool with big data analytics combined intothe system to detect endpoint anomaliesand eliminate compromised hosts.

• As a part of its Retina CS servicesLogRhythm provides for VulnerabilityAssessments and remediation, accurateasset discovery policy drive scans andmisconfiguration identification.

• Advanced Agent Technology fromLogRhythm includes the so-calledactive encryption and File IntegrityMonitoring (FIM).

• SIEM services are provided through itsNext-Gen SIEM tool.

• LogRhythm incorporates threat intelli-gence from STIX/TAXII-compliantproviders, commercial and open sourcefeeds, and internal honeypots, using anintegrated threat intelligence ecosystem.The platform uses this data to reducefalse-positives, detect hidden threats,and prioritize marked concerns.

• Generate irrefutable network-basedevidence for threat analysis, policyenforcement, and legal action.

HTTPS://LOGRHYTHM.COM

WWW.LUMENSION.COM

< PREVIOUS >


Lumension Security Inc 8660 East Hartford Drive, Scottsdale, AZ 85255

(602) 566-5900

[email protected]

• Endpoint Security• Patch Management• Privileged Data Management• Security Information and Event Management• Single-File Encryption Software• Subscriptions to Threat Information Intelligence



Lumension is a security software solutionprovider that offers endpoint management,data protection, managed security service, andproactive risk management, to improve auditreadiness for NERC CIP.

ADDITIONAL DETAILS:



• Has offices in Austin, TX.

• Serves more than 3,000 clients globally.

• Works with businesses and industries ofall sizes.




• Endpoint security, privileged data man-agement offered using the company’sLumension Scan, Devise Control, Appli -cation Control, AntiVirus, and SecurityConfiguration Management software.

• Security advisory service provided tohelp client model incoming threat anddevelop security programs or assessexisting program.

• Encryption software for whole diskencryption.

• SIEM through company platform.

• Stay on top of latest security trendsthrough company’s webcasts.

• NERC CIP compliance (CIP-002-1, 003-1,005-1 to 009-1) provided through com-pany’s various software platforms includ-ing Patch and Remediation, ApplicationControl, and the Scan software.

• Lumension’s MSSP maintains all securityrelated hardware and software, performassessment and threat remediation, andprovide ongoing security monitoring.

• Onsite deployment service as well assecurity training.

• Security plan design.

WWW.LUMENSION.COM

< PREVIOUS >


Masergy 2740 North Dallas Parkway, Suite 260, Plano, TX 75093

(866) 588-5885

[email protected]

• Bring Your Own Device Provisioning forCompany and Personal Devices (only forcommunications through Masergy’s app)




Masergy owns and operates its own softwareplatform for managed security, hybrid net-working, and cloud communication.

ADDITIONAL DETAILS:







• Endpoint security and monitoring isprovided through the APTM (AdvancedPersistent Threat Management) modulewhich is a part of the Unified EnterpriseSecurity suite of the Masergy’s managedsecurity solutions.

• Integrated vulnerability assessments/scanning, which automatically correlatesresults with IDS/IPS.

• SIEM includes integrated real-time moni-toring, log management/ archival, analysisand reporting, learning normal networkbehaviors and correlate all sub-system datato identify abnormal behaviors.

• BYOD is allowed for communicationsusing Masergy’s app.

• Provides custom routers to managesecurity risks in case connected withpersonal devices.

• Provides Network Access Policy Monitor-ing — Defines and enforces corporatenetwork security policy with continuousmonitoring and advanced behavioralnetwork analysis and correlation.

• Expert services for compliance andpenetration testing.

WWW.MASERGY.COM

WWW.MASERGY.COM

< PREVIOUS >


Morphick 4555 Lake Forest, Suite 150, Cincinnati, OH 45242

(844) 506-6774

http://www.morphick.com/contact

• Endpoint Security (with endgame security)• Security Information and Event Management• Subscriptions to Threat Information Intelligence


Description of company:

Morphick is a computer security company thatemploys customized and adaptive systems toprovide security for its clients.

ADDITIONAL DETAILS



• Offers services to all businesses andcustomizes its offerings to each business.

Description of services/products provided:

• Primary offerings are threat detection andresponse, and endpoint threat detectionand response.

• Endpoint security: Morphick partnerswith Endgame and delivers both threatdetection and response systems, alongwith Endgame’s endpoint threat detectionand response.

• Vulnerability assessments: a-la-cartesecurity defense assessment (examinesthe security of the system), and com -promise assessment (determines ifthere exists a current security breach).

• Creation of custom threat detectionroutines to target specific problems ifthey arise.

• Focus on repelling repeat or persistentattackers by dynamically changing thesecurity posture of the business withoutaffecting its running.

• Proactive threat hunting — Morphickdoesn’t just respond to threats, its analystsactively monitor the network to detectknown and unknown threats.

• One of a small number of firms to beawarded the NSA’s Cyber IncidentResponse Assistance (CIRA) certification.

WWW.MORPHICK.COM

WWW.MORPHICK.COM

WWW.MOSAIC451.COM

< PREVIOUS >


Mosaic451 3838 North Central Ave., Suite 2050, Phoenix, AZ 85012

(888) 364-0803

https://www.mosaic451.com/company/about-us/contact

• Endpoint Protection• Patch Management• Security Information and Event Management• Vulnerability Assessments


Mosaic451 is an information security companywith a focus on Security Operations Center(SOC) and Network Operation Center (NOC)services.

ADDITIONAL DETAILS


• Headquartered in Phoenix, AZ.

• Has 95 employees.

• Has offices in Las Vegas, NV, Portland OR,and Boston, MA.


• Provides information security services forcompanies at a national level includingthose in Power, Gas Extraction, FinancialServices Sector, Transport, Government,and K-12 Education.




• Mosaic451 provides security softwaremanagement, including patch manage-ment.

• Mosaic451 provides vulnerabilitymanagement services

• Log Management.

• The company proposes a hybrid modelwith on-site dedicated SOC and remotemonitoring.

• Key controls and compliance reportingfor regulations such as PCI, HIPAA, SOX,FISMA, and CIP.

• Offers SCADA compliance solutions.

WWW.MOSAIC451.COM

WWW.N-DIMENSION.COM

< PREVIOUS >


N-Dimension Solutions, Inc.

15305 Dallas Parkway, Suite 300, Addison, TX 75001

(905) 707-8884

[email protected]





N-Dimension solutions delivers comprehensivemanaged security services specifically tailoredto protect critical energy infrastructure fromcyber threats and vulnerabilities, improvingsystem reliability and safe guarding assets.

ADDITIONAL DETAILS

• Founded in 2001 with < 50 employees.

• Creates solutions specially designed for theutility sector and has worked with a largenumber of utility companies.





• N-Dimension’s solution provides on-goingassessment of endpoints (including servers,ICSs, desktops, laptops, smartphones andmore) connected to a network, providingan up-to-date view of vulnerabilities in thesystem. Daily reports provide recommen-dations and prioritization of vulnerabilities.It also provides cybersecurity experts achance to review reports and answerquestions as they arise.

• Provides monitoring and vulnerabilityassessments for ICS, DCS, SCADA, etc. Italso provides this service for users personaldevices (laptops, smartphones, etc.) if theymust be connected to the network.

• N-Dimension provides a comprehensivemonitoring solution which manages eventinformation, provides alerts, and recom-mendations for further action.

• Maintains up-to-date intelligence on thelatest threats for effective monitoring andassessment.

• N-Dimension is capable of making recom-mendations of which partners and servicesmay be required for the given client.

http://www.n-dimension.com

HTTPS://NETWATCHER.COM

< PREVIOUS >


NetWatcher 1861 Wiehle Ave, Suite 250, Reston, VA 20190

(202) 630-7849

https://netwatcher.com/contact

• Bring Your Own Device Provisioning forCompany And Personal Services

• Endpoint Security• Patch Management• Security Information and Event Management


NetWatcher is a medium and small businessfocused MSSP with technology built for themid-market.

ADDITIONAL DETAILS




• Affordable managed security solutionsincluding detection and monitoring ofsecurity events.

• Endpoint security, for VPNs, log forward-ing and behavioral monitoring, also worksif mobile users connect via unsecuredWi-Fi.

• Patch management, software is kept up todate and maintained by NetWatcher.

• NetWatcher offers detailed reporting on thesecurity of the network, including potentialvulnerabilities and security incidents.

• NetWatcher’s software allows users toconnect remotely and remain secure andmonitored.

• NetWatcher also provides monitoringof file integrity and logs to ensure data issecure.

• Endpoint health and hygiene scoresallow quick assessment of the state ofthe network.

• NetWatcher provides support andguidance on how to best deal withsecurity issues.

HTTPS://NETWATCHER.COM

WWW.NEXUMINC.COM

< PREVIOUS >


Nexum, Inc. 190 S. LaSalle St., Suite 1450, Chicago, IL 60603

(312) 726-6900

https://www.nexuminc.com/company/contact

• Endpoint Security• Privileged Data Management• Patch Management• Security Information and Event Management• Subscriptions to Threat Information Intelligence



Nexum is dedicated to computer security with offerings that target small and mediumbusinesses and with particular experience inmilitary applications.

ADDITIONAL DETAILS:


• Headquartered in Chicago, IL.


• Has particular offerings for small andmedium businesses.


• Separates offerings into identification,protection, and detection services, andhas offerings aimed at small businessesfor all of these.

• Endpoint security which organizes,monitors, and administrates networks.

• Privileged data management providescustom configurations after consultation.Nexum has experience developing andimplementing these systems for militaryapplication where security is a highpriority.

• Patch management services to deliverpatches and software updates, and keepsthe system and configurations up to dateas part of its management services.

• Vulnerability assessments as a separateservice.

• SIEM as part of the management service.Nexum collects, collates, retains, andanalyzes logs in real time to determinethe security of the network.

• Has a large number of clients in primarilypublic services and military.

• Offers on-site support, if requested.

WWW.NEXUMINC.COM

WWW.NTTSECURITY.COM

< PREVIOUS >


NTT Security 9420 Underwood Avenue, Omaha, NE 68114

(402) 361-3000

[email protected]

• Endpoint Security• Patch Management• Privileged Data Management• Security Information and Event Management• Subscriptions to Threat Information Intelligence



An MSSP aimed at mid- to large-sizebusinesses (50+ employees) which explicitlyoffers security solutions for the utility industry,including PCS, DCS and SCADA systems.

ADDITIONAL DETAILS:


• Has experience in the electric utility sector,including experience working with manydevices, including PCS, DCS and SCADAsystems.

• Specializes in security solutions formedium-size businesses (50+ employees).

• NTT-Security is a worldwide organizationwith four offices in the USA, 10 SecurityOperations Centers and 7 R&D centers,1,500+ employees across the globe, morethan 10,000 clients worldwide, and morethan 6.2 billion attacks detected anddefended against per year.


• Provides monitoring services for over205 device types.

• Tailored services for client-specific needs.

• NTT-Security provides targeted threatintelligence, network access control, logmonitoring and management, vulnerabilitymanagement, security device managementand mobile solutions management.

• NTT-Security will manage a large numberof third-party vendors’ access controlsolution, firewalls and malware protectionsolutions, endpoint security, VPNs, webapplications, network devices, operatingsystems, and unified threat managementsolutions. NTT-Security works with thebusiness to design a security system whichis right for them.

• NTT-Security offers a patch managementsolution as part of its managed securitydevices suite of services.

• Allows a selection of multiple vulnerabilityscanning services including internal andexternal vulnerability scanning, changeenforcement control and penetration testing.

• As a managed service, NTT-Security scanson behalf of the client, but the client retainson-demand control. NTT-Security alsohelps clients choose the best platform forvulnerability lifecycle management.

WWW.NTTSECURITY.COM

WWW.NUSPIRE.COM/MSS/MANAGED-SECURITY-SERVICES-OVERVIEW

< PREVIOUS >


Nuspire Networks 3155 Dallavo Ct, Commerce Charter Twp, MI 48390

(877) 435-1640

[email protected]

• Employee Bring Your Own Device (BYOD)support possible

• Endpoint Protection• Patch Management• Security Information and Event Management• Subscriptions to Threat Information Intelligence

Feeds


MSSP which emphasizes work withsmall/medium businesses and has experiencein the energy and utility industries, includingworking with plant equipment and PCSs.

ADDITIONAL DETAILS:


• Headquartered in Walled Lake, MI.


• Works with small and medium businessesto global enterprises.


• Nuspire has the capacity for endpoint secu-rity. Combine expertise of security analyticsteam with the company’s nuEndpoint tech-nology to deliver security as a service fromthe cloud.

• Patch management through comprehensivegateway solutions.

• Security Information and Event Managementis handled by the NuSecure nuSIEM plat-form. Cloud based service ensures logs andintelligence reports are processed and ana-lyzed in real time, providing faster reactionto security events and alerts.

• Up-to-date information on Intrusion pro-tection, vulnerabilities, etc.

• Fully staffed 24/7/365 Security OperationsCenter provide expertise for threat analyticsas well as quick alert response and threatremediation.

• In house security engineering and R&Dteam constantly investigate and under-stand customer’s network assets, researchsecurity threats, and develop solutions.

• Rogue wireless access point detection addextra layer of security to organization offer-ing BYOD policies, by providing necessaryhardware to actively scan for unauthorizedaccess points.

WWW.NUSPIRE.COM/MSS/MANAGED-SECURITY-SERVICES-OVERVIEW

WWW.PALOALTONETWORKS.COM/SOLUTIONS/INDUSTRIES/ENTERPRISE/ELECTRIC-UTILITIES

< PREVIOUS >


Palo Alto Networks 4401 Great America Parkway, Santa Clara, CA 95054

(866) 320-4788

[email protected]


Feeds


Product provider focusing on integrated andautomated security platform that includesadvanced firewall, network monitoring, endpoint protection, and cloud service threat control.

ADDITIONAL DETAILS:


• 1,000–5,000 employees.

• More than 35,500 customers in140 countries worldwide.

• Works with customers that rangefrom small and medium businessesto global enterprises.

• Experience with utility customers.




• Capacity for endpoint security. Palo AltoNetworks’ Traps system combine malwareand exploit prevention to pre-emptivelyblock both known and unknown threats.

• Offers options for Ethernet-enabled devicesand security platform products forICS/SCADA security.

• Security Information and Event Managementis centrally managed in the endpointsecurity manager software.

• Up-to-date information on Intrusionprotection, vulnerabilities, etc.

• Network-based security, stream-basedmalware protection, URL, file and datafiltering, and policy based access manage-ment are also provided.

https://www.paloaltonetworks.com/solutions/industries/enterprise/electric-utilities

HTTPS://PROFICIO.COM

< PREVIOUS >


Proficio 3264 Grey Hawk Court, Carlsbad, CA 92010

(450) 430-8166

https://www.proficio.com/contact




An MSSP that provides security services andhas experience in the energy sector, includingworking with ICS/SCADA systems.

ADDITIONAL DETAILS:


• Headquartered in Carlsbad, CA.


• Has offices in Singapore and Spain.

• Works with mid- to large-sized enterprises.






• Award-winning MSSP offering a fullrange of cybersecurity services includingmanaged detection and response (MDR).

• Endpoint security through the ProSOCplatform. The company provides 24/7security event monitoring, threat corre -lation analysis, incident response, andforensic investigation service.

• Identity/privileged access management isoffered through a partner (Thycotic).

• Vulnerability assessments services areoffered. Proficio provides risk assess-ments, penetration testing, and codereview, among other services that helporganizations gain better understandingof their assets and threats.

• Up-to-date information on Intrusionprotection, vulnerabilities, etc.

• Advanced SIEM analysis.

• Offers options for Ethernet-enabled devicesand has experience working with ICS andSCADA systems.

• The cloud-based security operation center(SOC) provides detection, protection andautomated incident response.

• Help increase visibility and proactivelyinvestigate and hunt for known andunknown threats.

• 24/7 managed security services.

• Scalable deployment.

HTTPS://PROFICIO.COM

HTTPS://RAPID7.COM/SOLUTIONS/INDUSTRY/ENERGY

< PREVIOUS >


Rapid7 100 Summer Street, 13th Floor, Boston, MA 02110

(617) 247-1717

[email protected]




Rapid7 is a security data and analytics solutionprovider that also offers MSSP services usingin-house products and solutions and provideswide range of services.

ADDITIONAL DETAILS:


• 500–1,000 employees.

• More than 6,000 clients in 110 countriesworldwide.

• Works with businesses and industries ofall sizes.





• Endpoint security offered using company’sNexpose vulnerability management solu-tion to visualize endpoint risk and reme -diate the threat. The company also offersother products with web applicationsecurity testing capabilities.

• Security advisory service provided tohelp clients model incoming threats anddevelop security programs or assessexisting programs.

• Security information and event manage-ment solution offered through InsightIDRproduct.

• Active community sharing threat intelli-gence and latest threats.

• NERC CIP compliance through the com-pany’s Nexpose and Metasploit productfor penetration testing, vulnerability scans,and automatic asset discovery. SecurityAdvisory Service also offered to assessand help achieve compliance.

• Managed detection and response serviceprovide 24/7 detection and response serv-ice that act immediately when breacheshappens, allowing quick response time.

• Compromised credentials detection withcompany’s InsightIDR solution, as well asuser behavior analysis.

• Penetration testing services are offered forall possible situations including: internaland external networks, wireless networks,mobile applications, physical devices, andsocial engineering penetration.

HTTPS://RAPID7.COM/SOLUTIONS/INDUSTRY/ENERGY

WWW.RAVENII.COM

< PREVIOUS >


RAVENii 17501 W. 98th St. Pillar, #18-33, Lenexa, KA, 66219

(844) 317-0944

[email protected]

• Bring Your Own Device Provisioning forCompany And Personal Services

• Endpoint Security• Patch Management• Security Information and Event Management• Single-File Encryption Software• Subscriptions to Threat Information Intelligence



RAVENii provides continuous threat and vul-nerability management, firewall management,managed endpoint protection, and incidentresponse. RAVENii provides a comprehensiveendpoint security solution which includesCylancePROTECT anti-virus protection.

ADDITIONAL DETAILS:



• RAVENii advertises its MSSP as athree-tier system.

1. The first tier includes licensing, mainte-nance, and administrative upkeep, butthe customer operates the solution.

2. Tier two builds upon this by alsoproviding the day-to-day managementand operation of the solution.

3. Tier three adds incident managementand triage activity for critical securityincidents.




• RAVENii provides security assessmentservices, which can be run continuously,and active assessments that can run regu-larly. RAVENii also provides complianceassessments and vulnerability managementin the form of a debrief — a reportingportal and analysis, remediation plansand the ability to deploy updates.

• Specializes in securing Internet of Things(IoT) devices.

• Encryption is available as part of thebundle of services.

• Daily vulnerability assessments, security/application/system/custom log filemonitoring are services available.

• Device tracking and reclamation.

• Complete security information and eventmanagement and log management forinstalled security devices.

• Provision for personal and companydevices to access the network and beincluded in vulnerability assessments.

• Remote assistance and backups for singlefiles to entire systems.

WWW.RAVENII.COM

WWW.REDHAWKSECURITY.COM/MANAGED-SERVICES

< PREVIOUS >


Redhawk 62958 Layton Ave., Suite One, Bend, OR 97701

(541) 382-4360

[email protected]

• Patch Management• Security Information and Event Management• Vulnerability Assessments


Redhawk Network Security provides a multi-faceted view into the company’s security environment.

ADDITIONAL DETAILS:


• Headquartered in Bend, Oregon.


• Has an office in Austin, TX.

• Services Utilities, Healthcare, GovernmentServices (NIST, CJIS, FISMA), IndianGaming Sites, and Financial Institutions.



• MSSP and consulting services. Redhawk’snetwork security services comprises ofPCI, HIPAA and NERC CIP compliances,Security Assessments, Managed Security,Penetration Testing, Vulnerability Manage-ment, Risk Management and many otherfeatures.

• Redhawk provides maintenance adminis-tration, upgrades, patches and incidentresponse, thereby, covering the patchmanagement aspect.

• Vulnerability Management is a key partof the of the services by Redhawk. Themanaged process finds known vulnera -bilities in networks and applications.

• SIEM services comprises of Redhawk’sSecureSensor™ Solution that ensuresmaintenance, configuration, incidentresponse, vulnerability scanning andsecurity testing. Testing helps assure thatsystems are updated and changes do notcreate new vulnerabilities. Scan observa-tions include risk analysis with assignedrisk levels and technical recommendationsfor remediation. Monitoring, alert andevent management are available 24/7/365.The services also include archiving of files— policies, procedures, and managedservice reports.

https://www.redhawksecurity.com/services/Information-Security-for-Utilities.htm

WWW.REDSEAL.NET

< PREVIOUS >


RedSeal, Inc. 940 Stewart Drive, Sunnyvale, CA, 94085

(408) 641-2200

[email protected]

• On-Demand Analysis of Security Posture• Vulnerability Assessments


RedSeal provides a cyber-security analyticsplatform. The platform provides companieswith a Digital Resilience Score which acts as asimple metric for how effectively RedSeal’scurrent security measures are working to protect its network.

ADDITIONAL DETAILS:

• Has more than 100 employees.



• Has NERC CIP v5 compliance expertise.


• Customers include: Adobe Systems,Capital One, PG&E, Cisco Systems, U.S.Department of Defense, and the U.S. Army.


• Provides endpoint security and monitoring.

• Builds map of an organization’s technologyand connectivity to provide a view of thesecurity posture and identify vulnerabilities.

• RedSeal provides a simple metric andidentifications of vulnerabilities.

• RedSeal works with utilities customers tosecure corporate networks and those thatcontrol critical equipment, SupervisorControl, and Data Acquisition (SCADA)networks.

• Mobile and personal device security islikely to be provided as RedSeal displaysits Digital Resilience Score on assortedmobile devices.

WWW.REDSEAL.NET

WWW.RENDITIONINFOSEC.COM

< PREVIOUS >


Rendition Infosec 451 Sugarcreek Dr., Grovetown, GA 30813

(888) 409-5811

[email protected]




Rendition Infosec is a full-service security consulting firm that provides a wide variety of services ranging from managed securityservice, endpoint and network monitoring toincident response and thread information andintelligence sharing.

ADDITIONAL DETAILS:





• The company can perform endpoint secu-rity and network monitoring, as well asintrusion detection through a combinationof its custom monitored web applicationfirewall (WAF) and partner SIEM platform.

• Vulnerability assessments and audit servicesare provided. The company’s AdvancedPersistent Threat Adaptive PenetrationTesting (APT2) model helps businessesaddress real world threats and risks.Vulnerability and penetration testing arealso available for institutions with wirelessnetworks.

• Security information and event manage-ment platforms are available (throughpartnership with AlienVault).

• Monthly webcast of intelligence and threathighlights are offered to clients for thelatest scoop on the security landscape.

• Incident response retainer, forensic analy-sis, botnet analysis, and cyber threat intelli-gence helps clients better understand thethreats and assist in threat remediation.

• Staff mentoring helps develop client’ssecurity staff and keeps them up to dateon latest security trends and new practices.

• Periodic phishing assessments to preventphishing attacks.

WWW.RENDITIONINFOSEC.COM

WWW.ROOT9B.COM

< PREVIOUS >


root9B 102 North Cascade Ave., Suite 220, Colorado Springs, CO 80903

(719) 505-6717

[email protected]

• Patch Management• Security Information and Event Management• Subscriptions to Threat Information Intelligence



root9B protects a wide range of commercialindustries for the federal and localgovernments.

ADDITIONAL DETAILS:


• Has about 200 employees.

• Customers include both commercial andpublic entities of all sizes.


• Vulnerability assessments: root9B providesa comprehensive analysis of the system’svulnerabilities using custom softwarewhich identifies the critical links attackerswill exploit.

• Extensive analysis of security events toprevent future vulnerabilities.

• Cutting edge knowledge of the securityenvironment, deployed as soon as theinformation becomes available.

• Manned Information Security solutionactively hunts attackers in the networkand deploys countermeasures toneutralize them.

• root9B’s Adversary Pursuit Center allowsremote anomaly analysis, incident response,malware analysis and credential security.

• root9B’s offerings are more trainingfocused than a traditional MSSP.

• Offers beginner to advanced securitytraining.

• root9B produces a short term, mediumterm, and long term plan together withthe client to satisfy their security needs.

WWW.ROOT9B.COM

WWW.SAGENET.COM/MARKETS/CYBERSECURITY-SOLUTIONS/MANAGED-SECURITY-SERVICES

< PREVIOUS >


SageNet 10205 E. 61st Street, Tulsa, OK 74133

(918) 270-7000

[email protected]




SageNet designs, implements and managesnetworks. SageNet manages communicationsat more than 160,000 locations around thenation.

ADDITIONAL DETAILS:

• SageNet was founded in 1998, following amerger with Spacenet, founded in 1981.

• SageNet Acquired Turnberry Solutions’Cybersecurity Division in 2015.

• Targets customers in the retail, healthcare,financial, energy, and public utilities sectors.

• Experience working with state lotteries andgovernment agencies.


• Cryptzone provides a software perimeterusing VPN and a jump server.

• Develop authentication methods includinghardware tokens, software tokens or othermultifactor methods to protect on prem,cloud based or 3rd party hosted systemsand information.

• Deployment of patches and countermea-sures is considered under vulnerabilityManagement Services.

• SageNet performs Pen Tests involvingReconnaissance, Vulnerability Identi -fication, Attack Planning, VulnerabilityExploitation, Clean Up and Reporting.

• Next Generation Firewalls (NGFW).

• 24x7 Security log.

• SIEM runs on Amazon Web Services.

• Firewall Management.

• IPS/IDS Protection.

• Data Loss Protection.

• Content Filtering.

WWW.SPACENET.COM/MARKETS/CYBERSECURITY-SOLUTIONS/MANAGED-SECURITY-SERVICES

WWW.SECUREWORKS.COM

< PREVIOUS >


SecureWorks 1 Concourse Pkwy NE, #500, Atlanta, GA 30328

(877) 838-7947

www.secureworks.com/contact/talk-with-an-expert

• Bring Your Own Device (BYOD) Provisioning• Endpoint Protection• Security Information and Event Managementt• Subscriptions to Threat Information Intelligence



SecureWorks is an MSSP with a focus in SaaS-based early-warning systems and hasexperience in the energy and utility industries,including working with power plant threaddetection and vulnerability patching.

ADDITIONAL DETAILS:



• More than 4,300 clients in 59 countriesworldwide.

• Works with businesses and industriesof all sizes.



• Endpoint security service offered. Usesboth typical preventative endpoint pro -tection products — such as data encryp-tion, device and application control, VPNanti-malware/phishing, and vulnerabilityshielding — as well as advance malwaredetection tools that actively identify mal-ware through behavioral characteristicsanalysis.

• Vulnerability assessments services areoffered. SecureWorks offers variouslevels of assessment solutions includingdeploying on-site technicians to establisha security baseline, identify issues, andvalidate patching and hardening program.

• Up-to-date information on Intrusionprotection, vulnerabilities.

• Incident Response team helps developincident response plan, Incident ResponseManagement Retainer guarantees assis-tance to mitigate and help recovery froma security breach.

WWW.SECUREWORKS.COM

WWW.SECURIT360.COM/SERVICES

< PREVIOUS >


SecurIT360 530 Beacon Pkwy W, Suite 901, Birmingham, AL 35209

(205) 202-4233

[email protected]

• Endpoint Security• Security Information and Event Management• Vulnerability Assessments


SecurIT360 provides consultation, securityaudits, and training, as well as endpoint monitoring and incident response service.

ADDITIONAL DETAILS:



• Works with businesses and industriesof all sizes



• Endpoint security service offered. Endpointlogs are monitored with the company’sLogit360 solution that provides featuressuch as remote monitoring, alerting, eventcorrelation, etc.

• Vulnerability assessments and auditingservice offered to assess the securityreadiness of the client. Service is tailoredto client’s specific need, from as small asauditing security configuration of firewallsto full blown auditing of organization’ssecurity plan, infrastructure, and so forth.

• Security information event managementthrough Logit360 solution.

• Penetration testing offered for both internaland external networks, as well as physicaland social engineering penetrations.

• Incident Response team ready to deployat moment’s notice to help clients in caseof a breach.

• Incident analysis provides expertise andassistance to assess a breach, estimate thedamage, and formulate remediation actions.

• Training offered either online or in personto help bring client’s staff up to speed tothe latest security landscape.

WWW.SECURIT360.COM/SERVICES

WWW.SECURITYONDEMAND.COM

< PREVIOUS >


Security On-Demand 12121 Scripps Summit Drive, Suite 320 San Diego, CA 92131

(858) 693-5655

[email protected]





Security On-Demand is a comprehensive MSSPwith a focus on small/medium businesses. It provides security from the endpoint to thecloud, rapidly detecting threats, and has experience with utility companies.

ADDITIONAL DETAILS:


• Has security operations centers in SanDiego, California, and Arlington, Virginia.


• Has experience working with localgovernment.

• Extensive experience with medium/small businesses.




• Managed intrusion prevention service,including protection for unpatchedsystems.

• Threat and log analysis.

• Malware threat protection service; scansfiles on the network, in email, uploadssuspicious files on demand and protectsagainst advanced threats. The companyinspects the system across all operatingenvironments and gives full threat lifecycleinformation.

• Managed firewall service with the abilityto add web content filtering, anti-malware,web-based application protection and more.

• Patch management and delivery forsecurity devices through the ManagedFirewall Service.

• Vulnerability assessments tool whichincludes vulnerability management andreporting, and scans and reports forcompliance mandates, also providesVulnerabilityassessments and monitoringfor both company and personal devices.

• Managed intrusion prevention providessecurity event alerts, investigation, andresponse. Ensures compliance is maintainedand can protect unpatched systems.

• Managed Network Access Control Serviceensures each endpoint is only able to accessits authorized resources and information.Also enforces organization policy, includingpatch requirements for connected devices.

WWW.SECURITYONDEMAND.COM

WWW.SEDARASECURITY.COM

< PREVIOUS >


Sedara 77 Goodell St., #420, Buffalo, NY 14203

(844) 473-3272

[email protected]

• Endpoint Security• Security Information and Event Management• Single-File Encryption Software• Vulnerability Assessments


Sedara is an MSSP with strong partnershipswith AlienVault and Bit9 + Carbon Black. Bysuch partnerships, Sedara can add capabilitiesto its existing cybersecurity abilities.

ADDITIONAL DETAILS:

• Services small to large businesses.



• Endpoint security is offered through itspartnership with Bit9 + Carbon Black.The security will provide for applicationwhitelisting and detailed application audittrails. In addition, it will only allow forapproved applications to be run on companysystems. If an intrusion, virus or malwareoutbreak occurs, Sedara can performincident response on those systems inseconds.

• Sedara leverages AlienVault’s UnifiedSecurity Management™ (USM) solutionto provide a flexible SIEM platform. Theprogram allows for real-time correlationand identification of unwanted behaviorsusing event, threat, and risk informationtogether.

• As a part of NERC CIP and HIPAA com pliance adherence, Sedara offerscom prehensive vulnerability assessments.Its Intrusion Detection System (IDS) moni-tors the activities, to look for internal andexternal violations, and sends alerts forsuspicious behavior.

• Above capabilities are often coupled withintegrated Intrusion Detection System, logand asset management to provide for acomplete solution. In addition, the servicesare customizable to one’s needs.

WWW.SEDARASECURITY.COM

HTTPS://SERA-BRYNN.COM

< PREVIOUS >

Managed Cybersecurity Service Providers for Electric Utilities — Company Descriptions| 51

Sera-Brynn 5806 Harbour View Blvd., #204, Suffolk, VA, 23435

(757) 243-1257

[email protected]




Sera-Brynn is a cybersecurity audit and advisory firm. The company works with legal,insurance, accounting, and law enforcementindustries to provide the best protection possible.

ADDITIONAL DETAILS:


• Has approximately 50 employees.

• Works with midsize companies,governmental organizations andnon-profits.

• Expertise in compliance testingand auditing.


• Consultancy firm for businesses thatrequire occasional or project-specificsecurity and compliance assistance.

• Vulnerability assessments: Sera-Brynn pro-vides a full Cyber Risk assessment, whichdiscovers the vulnerabilities and risks ofthe system, compliance requirements andthe steps forward in securing the system.

• Security information and event management:Cyber-forensics included as part of theincident response service offering.

• A comprehensive incident response serviceis available, assessing, containing, analyz-ing and cleaning up the damage, whileworking with law enforcement and legalrepresentatives if needed.

• Consulting services provided as requiredsecurity services, saving money and time,while providing the expertise when it’sneeded.

• Extensive penetration testing is availableand the results are presented in a business-centric way.

• Extensive vulnerability testing services.

HTTPS://SERA-BRYNN.COM

WWW.SOLVEREONE.COM

< PREVIOUS >


Solvere One 601 Pennsylvania Ave., NW, #900, Washington, DC 20004

(202) 905-2722

[email protected]




Solvere One is an IT consulting and outsourc-ing company specialized in security and policycompliance, offering services including vulner-ability assessments, CIO and CTO support, aswell as managed security as a service.

ADDITIONAL DETAILS:



• Serving and providing on-demand IT andconsulting to over 300 offices worldwide.

• Works with businesses of all sizesand industries.

• Experience in the electricity sector.


• Vulnerability assessments services areoffered to analyze client’s networkenvironment. This includes constantscanning and monitoring vulnerabilities.

• SIEM through log management, SIEMevent correlation, netflow analysis, andother service availability monitoring areavailable through a unified managementconsole.

• Managed detection and response serviceprovides 24/7 detection and responseservice that act immediately when breachhappens; this allows for quick responsetime.

• Penetration testing service to assessnetwork security risk, review networkdesign, and policy.

• Incident response and forensics toanalyze threat.

• Leverage Windows Rights ManagementSystem to provide encryption and contentsecurity.

WWW.SOLVEREONE.COM

WWW.SPEARTIP.COM/MANAGED-SERVICE-PROVIDER

< PREVIOUS >


SpearTip 1714 Deer Tracks Trail, Suite 150, St. Louis, MO 63131

(800) 236-6550

http://www.speartip.com/company/contact-us/#content




SpearTip is an MSSP with strong roots in CyberCounterintelligence. The company specializesin analyzing cyber threats including espionageand terrorism to deliver custom solutions.SpearTip’s Cyber Counterintelligence Teamconducts penetration testing, malware analysis,digital forensics, human intelligence collection(HUMINT), pre-attack intelligence analysis,open source data review, elicitation techniques,and technical surveillance countermeasures(TSCM). These areas of expertise include specialized enterprise risk management service mapped to COBIT, NIST, ISO, and/or other industry standards.

ADDITIONAL DETAILS:

• SpearTip serves small businesses includingretail shops.

• The company’s usual clients includefinancial and healthcare firms.


• SpearTip provides endpoint securityusing Network-based advanced malwaredetection and malware analysis, andpeer-to-peer data leak monitoring.

• Subscriptions to threat informationintelligence feeds.

• Its host-based advanced malware detectionand malware analysis uses active memoryanalysis with key features such as reverseengineering and zero-day identification.

• SpearTip also uses DarkNet research toidentify the human operator behind anattack.

• The assessment services include pene -tration testing, web-application testing,and other tools for proactive compliancemanagement.

WWW.SPEARTIP.COM/MANAGED-SERVICE-PROVIDER

WWW.SYMANTEC.COM/SERVICES/CYBER-SECURITY-SERVICES/MANAGED-SECURITY-SERVICES

< PREVIOUS >


Symantec 350 Ellis Street, Mountain View, CA 94043

(650) 527-8000

http://partnerlocator.symantec.com




Symantec offers a variety of services and products targeting a wide array of industriesand all service sizes.

ADDITIONAL DETAILS:


• 10,000+ employees (>1,000 in MSSPcybersecurity teams).

• Offers a wide range of security productsfrom OTS software to full MSSP services.

• Offers services to businesses of all sizesand targets many industries, including,industrial & utilities.

• Has particular offerings for the devicesused in industrial processes, i.e. PLCsand more.


• Endpoint security is a main feature ofthe MSSP offering. Engineers assess thebusiness and implement a solution basedon the field.

• Symantec offers a number of services,including account and data management.

• Vulnerability assessments are available asa separate service.

• Log retention and analysis providesimproved detection and systemassessment.

• Assists with compliance reporting whenrequested.

• ICS asset detection, anomaly detection,and automated learning.

• Internet of Things (IoT) security, includingindustrial equipment (PLCs, etc.).

• A dedicated team of engineers is assignedto a business, and stays with it, allowingmonitoring and updates by people whoknow the system.

• Bring your own device provisioning forcompany and personal services

https://www.symantec.com/services/cyber-security-services/managed-security-services

HTTPS://TAGREMSECURITY.COM

< PREVIOUS >


Tagrem Security 9820 Willow Creek Road, Suite 390, San Diego, CA 92131

(800) 867-1375

[email protected]

• Endpoint Protection• Privileged Data Management• Security Information and Event Management• Vulnerability Assessments


Tagrem is a global eCommerce agency provid-ing enterprise software, technology and digitalmarketing solutions to large- and medium-sizeorganizations in the United States and aroundthe world.

ADDITIONAL DETAILS:


• Currently a small company with less than50 employees in IT.

• Founded in San Diego, California and nowhas offices in San Diego, Toronto, Pune,India and Ho Chi Minh City, Vietnam.

• Focuses on small to medium companies.



• Vulnerability Scanning.

• Log Management.

• Security Assessments.

• SCADA Compliance Solutions.

• Anomaly Detection Tools.

• Application Whitelisting

• Security Awareness Training.

• PCI Solutions.

• KiOSK Protection and Compliance.

HTTPS://TAGREMSECURITY.COM

WWW.TRUSTWAVE.COM

< PREVIOUS >


Trustwave 70 W. Madison St., Suite 600, Chicago, IL 60602

(312) 873-7500

[email protected]

• Bring Your Own Device (BYOD) Management• Endpoint Protection• Encryption Management• Security Information and Event Management• Subscriptions to Threat Information Intelligence



Trustwave is an MSSP that specializes in cybercrime, data protection, and managingsecurity risk integrated technologies. Trustwaveuses a team of security experts, ethical hackers,and researchers to help businesses managetheir information security and compliance programs.

ADDITIONAL DETAILS:



• Services a range of industries, includingsmall businesses.

• Prior experience includes education sector,payment services, restaurants, healthcare,hotels, and financial services.


• Trustwave provides endpoint securityusing the cloud to implement its TrustwaveEndpoint Protection Suite (EPS) irrespec-tive of the device used.

• Managed Encryption: integrated full-diskencryption for laptops, encryption for USBdrives and other removable media, andencryption for email attachments — allas a managed service.

• Trustwave also provides for managedIntrusion Detection and PreventionSystems.

• Trustwave Vulnerability Managementservices deliver proactive scanning, testingand remediation of application, databaseand network vulnerabilities.

• In addition to BYOD management,Trustwave offers managed Two-FactorAuthentication for secure logins.

• Trustwave helps meet the compliancerequirements by identifying risks anddefining corresponding managementsystems.

WWW.TRUSTWAVE.COM

WWW.WIPRO.COM

< PREVIOUS


Wipro, Ltd 601 13th Street, 11th Floor South, Washington, DC 20005

(202) 534-1794

http://www.wipro.com/contact

• Endpoint Protection• Privileged Data Management• Security Information and Event Management• Vulnerability Assessments


Wipro, Ltd is a global information technology,consulting and outsourcing company with170,000+ workforce that serves clients in 175+cities across 6 continents. Wipro has experiencewith many industries, including utilities.

ADDITIONAL DETAILS:


• Made it onto Forbes’ Global 2000.

• 20+ offices throughout the US, with clientssuch as NV Energy, Michigan State, Xactly,and Medicare Services. Wipro claims tosupport 50+ utility clients around the world.

• Specific industry capabilities with leadingproduct vendors such as SAP, Oracle, IBM,ABB, and ESRI.


• Wipro offers the ServiceNXT ManagedSecurity Service.

• Sustained assessment of vulnerabilities:periodic scans on infrastructure/applica-tions, establishing risk-based profile toremediate vulnerabilities, and consultativesupport during remediation process.

• Managed Authentication Services: infra-structure support, token provisioning,distribution and inventory management,and end user support.

• Compliance based reporting — SOX, PCIDSS, HIPAA, GLBA, FISM.

• Integrated Alert and Advisory services.

• Early detection and prevention ofemerging threats.

• Services delivered using industry standards(ITIL, ISO) and best practice processes.

• Global, 24x7 support available to managechange, incident, performance, and servicerequests; Security Event Monitoring andIncident Response; Identity and AccessManagement.

WWW.WIPRO.COM

Date post:	08-Apr-2020
Category:	Documents
Upload:	others
View:	2 times
Download:	0 times

MANAGED CYBERSECURITY SERVICE PROVIDERS FOR …...Content filtering services may be provided such as...

Documents