ethernautics

IT Solutions Architects and Cyber Security Engineering

Ethernautics, Inc. – Meissner Project with California Water Services Group

Client Name: California Water Services Group

Project Lifecycle: 7/2015-12/2015

Consultant: Michael W. Meissner, RCDD

Title: Ethernautics: Cyber Security Architect – Program Manager – Project Manager

Project Title: Cyber Security Program Development and Governance

Scope:

Cyber Security Program Development and Governance; Cyber Security Digital Engineering,

Project Management; Network Engineering; Vulnerability Assessment and Remediation for Plant Control System (PCS) and SCADA Systems in production for treatment and distribution of water.

Ethernautics, Inc.

Is an Infrastructure Engineering Consultancy providing professional Cyber Security Services. Including Cyber Security Design Engineering, Vulnerability Assessments and Mitigation, Program Management and Implementation and Governance.

Michael W. Meissner, RCDD

Is an internationally recognized Program Manager and Solutions Architect for organizational Cyber Security Programs with over 20 years of implementation experience in the domain of Plant Control Systems (PCS) and SCADA systems and Internet-of-Things (IoT). Meissner authored Authorization and Control: Addressability (US Patent # 6070001).

Mike Meissner

Meissner’s experience and technical acumen has lead Ethernautics, Inc. in its Cyber Security Engineering Practice since 2007 lending his experience to multiple Ethernautics clients.

Mr. Meissner performed under contract with Ethernautics at California Water Services in San Jose, California from 07/2015 thru 12/2015.

California Water Services Group (CWS):

Is a Water Utility – Providing Water Treatment and Distribution throughout California, Hawaii, New Mexico and Washington. The Infrastructure is a part of what was Presidential Policy Directive/PPD-21 – Critical Infrastructure Security Resilience. Along with other financial and cyber security requirements create a regulatory climate for that elucidated the need for protection of its Critical Digital Assets and Structures from Cyber Attack. California Water Services has significant assets that make up its Plant Control Systems (PCS/ICS) and SCADA (Supervisory Control and Data Acquisition) and require ongoing monitoring and improvements in its overall Cyber Security Defense-in-Depth Posture.

SCOPE OF WORK:

The primary scope of the work to be performed centered on the implementation of NIST – Cyber Security Framework for Critical Infrastructure. Network Security Design, Security Systems, Plant Control and SCADA Systems in Water Distribution Infrastructure. Implementation of selected best practices.

Mr. Meissner primary duties were as a Consulting Systems Architect and Program Manager. He also performed as as Cyber Security Digital Engineer. In the performance of configuration and asset management he also utilized his RCDD skills.

Program Management and Project Management

  • Consultative Lead in development and implementation of Cyber Security Program
  • Project Manager for Vulnerability Assessment and Remediation
  • Technical Project Manager to implement Future State ICS/SCADA Network Design
  • Project Manager for development of Defense in Depth Architecture
  • Project Manager for PCS/SCADA Infrastructure Design Implementation
  • Project Manager for Asset Management
  • Vendor Management
  • Craft/Union Management
  • Tools: Microsoft Project, Project Server, Sharepoint, Microsoft Office Suite

Cyber Security Digital Engineer

  •  Leading the efforts as a Cyber Security Digital Engineer/RCDD Mr. Meissner conducted Cyber Security Vulnerability Assessment (ISO/IEC 15408-1:2009)
  • Vulnerability Remediation and Mitigation for CWS’s Plant Control and SCADA Systems.

Business System Analysis

  •  Mr. Meissner performed analysis of heterogeneous ICS/PCS systems deployed at California Water Services
  • Developed enhance ICS/SCADA System Design including a enhanced Secure Network Design.
  • Business Requirements
  • Regulatory Requirements
  • CDA Determination
  • Vulnerability Assessments

Design

Mr. Meissner performed analysis of heterogeneous ICS/PCS systems deployed at California Water Services

  • Developed enhance ICS/SCADA System Design including a enhanced Secure Network Design.
  • Defense-In-Depth Architecture (NIST Cyber Security Framework and ISO/IEC 27001 Compliance, COBIT, COSO).
  • Network Security Design,
  • Radio Encryption.
  • Security
  • Best Practices
  • Supporting Infrastructure

Asset Management

Asset Management and Critical Digital Asset Determination throughout the System Lifecycle

  • CMMS
  • Orion
  • Xcel and others

Quality Assurance and Test

  • Best Practices
  • Penetration Test
  • Vulnerability SCANS
  • SQA

Cyber Security Governance and Regulatory Compliance

  • Implementation of NIST – Cyber Security Framework for Critical Infrastructure.
  • Best Practices
  • Cyber Security Policy and Implementing Procedure
  • Digital Asset Determination and Controls Establishment
  • Configuration Management and Change Management
  • Risk Management
  • Audit
  • Incident Management

Policies and Procedures development Security Systems

  • Cyber Security Policy Corporate IT
  • Cyber Security Policy ICS/SCADA
  • CSAT
  • Identity Management and Access Management
  • Password Policy
  • SQA
  • Portable Processing Devices
  • Portable Media
  • Critical Digital Asset Determination
  • Controls Catalog
  • Defense-in-Depth
  • Supply Chain
  • Vendor Management
  • Key Program

Plant Control and SCADA Systems in Water Distribution Infrastructure.

Technology Stack:

Integrated Plant Control Systems ( PLC’s Modbus, BACNet, SCADA ProSCADA, [Kepware, Wonderware], WiFi), CISCO (ISE), Waterfall/Canary/Owl Data Diodes, Palo Alto, VMWare, Integration of Communications Networks, Voice, Data, Paging, Radio and Wireless (Voice and Data), Oracle.

  • IT cybersecurity detection and prevention tools:
    • Network Monitoring – SolarWinds
    • Vulnerability Scanners – Retina
    • SIEM – Splunk, QRadar
    • IDS / IPS – Sourcefire, Cisco IPS 4200, IntruShield
    • Defense in Depth Architecture and Advanced Persistent Threats (APTs)
    • Incident Management and Forensics
  • Project Management:
    • Microsoft Project
    • Project Server
    • SharePoint
    • Microsoft Office Suite
  • Asset Management
  • Test – Retina
  • ERP – PeopleSoft
  • Asset Management
  • Oracle
  • Integrated Plant Control Systems: PCS/ICS/SCADA
    • PLC’s Modbus, BACNet, SCADA ProSCADA, [Kepware, Wonderware]
  • WiFi – 802.11
  • CISCO (ISE)
  • Firewalls and Data Diodes: Waterfall/Canary/Owl Data Diodes, Palo Alto
  • VMWare

Integration of Communications Networks, Voice, Data, Paging, Radio and Wireless (Voice and Data

Advertisements

Leave a Reply

Please log in using one of these methods to post your comment:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

Information

This entry was posted on January 21, 2016 by in Uncategorized.
%d bloggers like this: