AESI-US Inc. Cyber and Physical Security Consulting

AESI-US, Inc. provides cyber and physical security engineering and consulting for public power utilities (electric, water, gas). Leaning on best practices and meeting appropriate industry standards, AESI supports the planning, implementation, and maintenance of comprehensive security solutions. Services include risk assessments, product assessments, network architecture reviews, penetration testing, hands-on day-to-day routine tasks, and regulatory compliance. Beyond security, AESI works for optimal communication and resiliency in its strategic solutions when integrating IT/OT technologies.

AESI has been supporting utility clients since 1984, providing services to over 500 utilities in North America and internationally. The company has a deep and successful track record in public power, with long-term experience supporting joint action agencies and municipal distribution utilities. Drawing upon the NIST Framework for Improving Critical Infrastructure Cybersecurity, AESI works with utilities through the different elements in the process to develop an appropriate, sustainable program.

Products and Services
Holistic Approach to Cybersecurity
At the IT level, every utility must protect confidential customer data, billing data, and corporate data. Additionally, the utility must secure its Operational Technology (OT) for the monitoring and operations of the power system—EMS/SCADA systems, substations, smart metering, telecommunications, monitoring systems, and physical protection systems. Understanding what each system needs, and recognizing that IT and OT are not the same, are important steps to ensuring that the right measures are applied to the applicable systems to appropriately protect the systems and assets. It is the understanding that cybersecurity is more than just firewalls—it’s a living process that MUST be proactive and flexible/adaptable.

AESI keeps public power systems ahead of the game by providing cybersecurity education to all levels of the organization, developing policies and procedures for staff to follow, and providing hands-on, niche technical skills that may not exist on staff at the utility or joint action agency.

Three Lines of Cybersecurity Defense
Hometown Connections partners with AESI, N-Dimension Solutions, and Wortham Power Gen Insurance to provide THREE LINES OF DEFENSE against cyber threats:

MONITORING/ASSESSMENT
By N-Dimension Solutions

  • Continuous threat monitoring of network traffic
  • On-demand vulnerability assessment

ENGINEERING/CONSULTING
By AESI

  • Holistic program development, assessments and implementation
  • Workshops/training for board, executive management, and staff

LIABILITY INSURANCE
By Wortham Power Gen Insurance

  • Financial protection from breach of customer/employee data
  • Including notification/credit monitoring costs, legal fees, fines, income protection, professional services

Physical Security Assessment
The utility’s risk management program must incorporate the physical security of its facilities. AESI’s Physical Security Assessment examines the overall physical security of buildings, specific equipment within the building facilities, and locations while factoring in key business objectives. AESI evaluates all the physical security controls, such as:

  • Visitor entry and verification procedures
  • Access control systems (including badges)
  • Security guards and guard rotation
  • Data center and control center specific controls
  • Document destruction
  • CCTV or other surveillance cameras
  • Alarms
  • Life safety systems
  • Exterior & interior lighting for security & safety purposes
  • Landscaping for crime prevention
  • Crisis management & business continuity programs
  • Workplace violence protection and training

AESI focuses on helping the utility avoid a potential disruption in service, loss of reputation, negative financial impacts, and dangerous physical conditions for staff and customers.

IT/OT Services
AESI supports the integration and communications that marry IT and OT with technology strategy and planning, architecture design, communications network planning, system installations and configuration, system integration and commissioning, data management and historians, SCADA/GIS/OMS Services, on-going sustainment and support, and custom software development.