What assets support reliable service?
Identify the control centers, substations, relays, RTUs, communications links, field devices, power supply dependencies, and business systems that support operations.
Electric power sector support
Electric Power Cybersecurity, Physical Security, and Operational Resilience
Systems Risk Advisory helps electric power organizations strengthen cyber, physical, OT/ICS, and operational readiness for substations, control systems, field assets, and business systems that support reliable service.
Electric power risk is operational risk.
Electric power organizations operate under conditions where cyber, physical, and operational risk are tightly connected. Substations, control centers, protection systems, communications paths, field crews, business systems, vendors, and public communication all affect reliable service.
Systems Risk Advisory helps power organizations identify practical risk, clarify priorities, and prepare for incidents that could affect operations. We focus on the systems, facilities, people, procedures, and decisions that matter during a real event.
Our work is useful for municipal electric utilities, public power agencies, electric cooperatives, local government power operations, and critical infrastructure organizations with electric power dependencies. Engagements are principal-led and supported by qualified specialists when the project requires added depth.
Questions we help power organizations answer
Good security work starts with operationally relevant questions. These questions help leaders move from broad concern to clear decisions.
Who can reach critical systems?
Review remote access, vendor connections, engineering laptops, privileged accounts, service accounts, shared credentials, and access paths into OT environments.
What could be controlled or disrupted?
Assess exposure related to switching, breaker control, relay settings, telemetry, alarms, outage response, distribution automation, and operator visibility.
How would staff know something is wrong?
Review SCADA alarms, device indications, logs, communications errors, field reports, call center inputs, outage management signals, and escalation triggers.
How would operations continue?
Assess manual switching, dispatch procedures, crew communications, backup communications, spare equipment, vendor support, and degraded-mode operations.
How would leaders coordinate decisions?
Clarify leadership authority, public messaging, emergency management coordination, mutual aid, law enforcement support, board or council communication, and reporting expectations.
Services for electric power organizations
Systems Risk Advisory supports power organizations with connected services that address cyber, physical, OT/ICS, SCADA, incident response, continuity, and resilience needs.
OT/ICS and SCADA Security
Practical review of control-system architecture, substation communications, distribution automation, remote access, vendor support, and safe recovery concerns.
- SCADA architecture and access review
- Substation, relay, RTU, and communications considerations
- Engineering workstation and support laptop review
- Remote access and vendor access review
- IT/OT separation and segmentation planning
Physical Security
Review of substations, yards, control facilities, field sites, gates, fencing, cameras, lighting, access control, alarms, and response procedures.
- Substation perimeter and access review
- Critical equipment and control building review
- Camera, lighting, and alarm considerations
- Visitor, vendor, and field access procedures
- Cyber-physical dependency review
Cybersecurity Assessments
Assessment support focused on identity, access, ransomware readiness, email security, backups, policies, logging, and practical risk reduction.
- Ransomware exposure review
- Privileged account and remote access review
- Backup and recovery review
- Policy and procedure review
- Prioritized action roadmap
Risk and Resilience Assessments
Consequence-informed review of cyber, physical, operational, and dependency risks that could affect reliable electric service.
- Critical asset and dependency review
- Cyber and physical risk inputs
- Operational consequence review
- Resilience and continuity considerations
- Leadership briefing support
Incident Response Planning
Planning support for cyber, physical, and operational incidents that could affect dispatch, field response, substations, communications, and public confidence.
- Roles and escalation paths
- Containment and continuity steps
- Vendor and mutual aid coordination
- Public communication support
- Recovery sequencing
Tabletop and Operational Exercises
Exercises that test leadership decisions, technical coordination, field response, communications, continuity, and recovery during realistic power-sector scenarios.
- Ransomware and business system disruption scenarios
- Suspicious SCADA, relay, or telemetry activity scenarios
- Substation intrusion or sabotage scenarios
- Loss of communications or operator visibility scenarios
- After-action report and improvement tracking
Common scenarios we help power organizations prepare for
Exercises, assessments, and response plans should reflect the incidents power organizations are most likely to face and the decisions leaders will need to make.
- Ransomware affecting business systems, call centers, outage management, billing, or shared city systems
- Compromised remote access into IT, OT, SCADA, or vendor support environments
- Suspicious relay, RTU, communications, or SCADA activity
- Loss of operator visibility into substations, feeders, alarms, or field status
- Unauthorized access attempt at a substation, yard, control facility, or communications site
- Vandalism, copper theft, equipment damage, or physical intrusion affecting operations
- Field crew communications disruption during an outage or emergency event
- Vendor support account misuse or unmanaged engineering workstation access
- Conflicting decisions between utility operations, IT, leadership, emergency management, vendors, and public information staff
Typical deliverables
The goal is usable output. Reports, plans, exercises, and briefings should help leaders make decisions and help staff act.
| Deliverable | Purpose |
|---|---|
| Executive risk briefing | Clear findings, priority decisions, and leadership-level options. |
| Assessment report | Documented observations, risk themes, consequences, and recommended improvements. |
| OT and access review memo | Focused documentation of remote access, vendor access, SCADA paths, segmentation, and recovery concerns. |
| Physical security observations | Practical findings for substations, field sites, control facilities, access control, alarms, lighting, cameras, and response procedures. |
| Incident response or continuity content | Plan updates for escalation, containment, communications, degraded operations, recovery, and coordination. |
| Exercise package | Scenario, injects, facilitator guide, participant materials, evaluation notes, and after-action findings. |
| Improvement tracker | A working list of actions, owners, due dates, status, and follow-up needs. |
Who we support
Power-sector readiness requires coordination across leadership, operations, engineering, IT, OT, field work, emergency management, vendors, and public communication.
- General managers and utility executives
- Public power and cooperative leaders
- Electric utility directors and operations managers
- Dispatch and control center personnel
- Protection, controls, substation, and communications personnel
- IT, OT, cybersecurity, and network teams
- Field crews, maintenance teams, and engineering staff
- Emergency managers and continuity planners
- Public information officers and communications staff
- Boards, councils, city administrators, and executive leadership teams
Why Systems Risk Advisory
Power organizations need practical guidance from people who understand critical infrastructure, not generic security language detached from operations.
Critical infrastructure focus
We understand that power-sector security is about keeping essential service operating, not producing generic security paperwork.
Engineering-aware review
We account for control systems, field equipment, substations, communications, protection concerns, and the operational effect of security decisions.
Cyber and physical together
We connect cybersecurity, physical security, operational response, emergency planning, vendor access, and leadership decision-making.
OT/ICS awareness
We account for SCADA, remote access, engineering workstations, substation devices, telemetry, alarms, communications paths, and safe recovery.
Usable deliverables
We produce briefings, reports, plans, exercise materials, and action trackers that leadership and technical teams can use.
Principal-led support
Engagements are led by experienced senior personnel and supported by qualified specialists when the project requires added depth.
How an engagement works
Each engagement is scaled to the organization’s size, systems, staffing, risk concerns, and desired outcome.
Frame the mission
We clarify the organization’s essential functions, service obligations, major assets, current concerns, and operational constraints.
Review the environment
We examine cyber, physical, OT/ICS, SCADA, staffing, vendor, emergency response, and continuity factors.
Identify practical risk
We connect threats, vulnerabilities, dependencies, consequences, and likely decision points.
Prioritize improvements
We rank findings by service impact, feasibility, cost, urgency, and readiness value.
Support decisions
We prepare clear materials for utility managers, boards, councils, executive leaders, and technical teams.
Build readiness
We help update plans, train staff, run exercises, and track corrective actions.
Ready to strengthen electric power readiness?
Protect reliable electric service before an incident forces difficult decisions. Systems Risk Advisory can help your organization assess risk, strengthen OT/ICS and SCADA security, review physical security, test response procedures, and train the people who keep service operating.