Case study

CNI security

Black Site International, USA

37007917_BlackSiteInternational_Final4

Situation

Commissioned by one of the United States largest suppliers of water and wastewater to deliver a state-wide security risk analysis of its business, Black Site International chose HawkSight Software for the project. Mike Brueks, Director of Black Site International, stated, "There has been a massive change in the approach to risk and protection programmes for CNI projects in the USA since 9/11. Services like water and wastewater now have 'important to protect' status, which brings with it an expectation of suitable security programmes".

Solution

Water-Treatment-Plant-at-Sun-Rise-505212032_4710x3144

HawkSight Software comprehensive risk analysis, modelling and reporting tools all contributed to the effective communication of a range of complex scenarios.

Black Site International was able to effectively demonstrate the process of modelling risk according to both severity and likelihood in order to be able to understand potential impacts to the business.

This consistent application of methodology and the ability to run live comparative simulations meant that the company could evaluate the outcome of different risk mitigation measures, consider the optimal deployment of its budget, and make fully informed decisions.

Impact

Working with HawkSight SRM software enabled Black Site International to:

  • Apply consistent methodology to the assessment of security risks across an extensive infrastructure portfolio
  • Deliver a complete overview of the water company’s vulnerabilities
  • Improve the organisation’s understanding of risk led security management
  • Model and compare the outcomes of its risk mitigation options
  • Enable the critical national infrastructure (CNI) operator to make strategic decisions

 

“This project was about giving the board the information they needed to understand their risks and support them in making strategic decisions for the business. HawkSight Software’s ability to calculate risk based on ISO 31000 risk management guidelines was invaluable. The clarity and visibility that this approach delivered have empowered my clients”.