We would like today to take this opportunity to provide high-level information describing our skill set and expertise in risk management for critical infrastructures, which we feel makes us a prime candidate to fulfill the future security needs of your organization.
Below are examples of significant projects we have successfully under taken. In order to comply with confidentiality requirements the name of the client involved has been redacted where necessary.
Sample Mandates
Critical Infrastructure Security-Energy Sector
Several of the largest energy corporations throughout the USA, Canada have employed our personnel to direct large security protection programs (typical organization exceeded 400 security personnel per site, with operating budgets exceeding $40M) involving both armed and unarmed security forces. Responsibilities included the development and implementation of threat and vulnerability assessments, training, and protection strategies. The primary goal of these programs was the protection of company personnel, critical equipment and the public from a variety of external and internal threats and attacks. Additionally, we were responsible for collaborating with local, state, and federal emergency response organizations to formally establish “unified command” programs to specifically address the roles and responsibilities when integrating emergency response organizations and the site private security organizations in response to actual security threats and attacks at the facilities. Examples of the types of events we were responsible for implementing planning robust security coordination using unified command included: 1) FBI-identified credible threat of air attack (similar to attack of 9-11) in combination with coordinated ground attack against facility; 2) Multiple acts of significant vandalism and sabotage to critical safety equipment; 3) Annual and unpredictable coordinated protests conducted against facility by activists groups; 4) Internal strikes by site union employees.
Critical Infrastructure Government and Community Affairs-Energy Sector
One of the largest energy utility corporations employed our personnel who were tasked with the creation of Issues Management, Conflict Resolution, and Corporate Reputation Management strategies and implementation of those plans. The primary objective of these plans was to mitigate negative public reaction, media, and public policy impact for any electric, gas, or environmental project. This was to be accomplished by working directly with the public, and government officials. The result was the protection of the company’s bottom line and reputation. Examples of the types of significant projects included: 1) Transportation of the Shoreham nuclear fuel to the Limerick Nuclear Generating Facility; 2) The new construction of seven (7) mile aerial high-voltage line; 3) New Construction of new electrical substations; 4) New construction projects installing numerous gas lines. Each of these projects represents challenging issues with handling negative public action and emotion to stop each of these projects from occurring. As such, we established a unique concept using a team of experts to assuage the emotion and improve communications with the public and key stakeholders by conducting comprehensive studies to fully understand the issues, activists, and other organizations supporting or opposed to projects, and then researching current and historical records to prepare for the types of concerns and issues the communities had previously protested. This approach manifested with the “unique” design of the public meetings proving invaluable and highly successful in mitigating the sensationalism and emotion of stakeholders, resulting in successful projects with minimal impact to their completion.
Information Sharing & Analysis Centers
Information Sharing & Analysis Centers (ISACs) are member-driven organizations, delivering all-hazards threat and mitigation information to asset owners and operators. One of our personnel was a member of the FBI for over 24 years and was part of the U.S. Government’s Critical Infrastructure Key Resource team within the Department of Homeland Security. He was the FBI’s chief liaison officer to the Petroleum and Gas ISAC for over 4 years. As such, he was intimately involved in analyzing the incoming flow of information and threat assessments and in turn feeding this information to the ISAC. He specialized in best practises from a cyber-perspective. In 2015 the Industrial Control Systems Cyber Emergency Response Team responded to 295 incidents.
Asset & Personnel Protection
Company W decided to downsize and relocate a plant. The employees, union, municipality and residents were strongly opposed to the decision. The ensuing hostile atmosphere prompted the company to give our personnel a mandate to arrange protection for the physical assets of the company, the executives and their families. This project lasted 6 months and involved 120 guards protecting the infrastructure and a team of 30 executive protection specialists. Sophisticated electronic tools were deployed and a command center was established to provide 24-hour a day monitoring on the plant, its equipment and the personnel. Additionally, a positive working relationship was developed with the local law enforcements agencies. The mandate was successfully completed with no damage to assets and no injuries to personnel.
Technology Rollout
Company V was still relying on the honor system to control access to its facilities, as its workforce exceeded 35,000 employees and spread across more than 800 locations. Recognizing that this outdated system lent itself to significant loss risks, senior management decided that a state of the art, computer based system was needed. Our personnel were chosen to head the project, and were tasked with surveying the market for viable options, selecting a new system, negotiating contracts to acquire and service it, and managing the installation of the hardware and software. Simultaneously, a training program was designed, developed, logistically arranged and then delivered to the employees and management. All of this was accomplished on time, in budget and in scope.
Incident Management
In order to provide a solution to multiple companies our personnel established and managed an Incident Response Management Service (IRMS) team. In order to satisfy the need for 24/7 service, two North America call centers were established and manned; one on the east coast and the other on the west coast. These call centers receive reports of incidents, both by phone and electronically (e-mail). These call centers are staffed with specialists who record all the details of an incident into a sophisticated database and then manage the response to the incident from reception until resolution. During 2016 these call centers handled more than 25,000 incidents. Using defined escalation procedures, incidents are directed to increasingly senior people in the companies or external services (e.g. police) as is needed.