Safeguarding Your Critical Operations With CCE

Consequence-Driven, Cyber-Informed Engineering (CCE) can be your next step in planning and implementing remediation and protection measures needed in today’s rapidly evolving threat environment.

A methodology developed by Idaho National Laboratory and implemented by 1898 & Co., CCE aims to help prepare for targeted sabotage to your organization's critical function. Leveraging CCE, organizations are able to take the highest consequence events that could impact safety or operational resiliency off the table, transferring or even eliminating risk to those elements.

The Four-Step Process

We put you in a stronger position to prepare for cyberattacks by reversing roles and adopting the perspective of an attacker in engineering your defense strategy.

  1. We ask what portion of the operational technology (OT) system is most critical to ongoing, core-mission operations.
  2. Once areas are identified, we begin to examine the data and specifications of the systems that deliver the core mission-critical functions.
  3. Next, we ask how an intruder would need to move around within the OT system to wreak the most havoc.
  4. Finally, we define engineering and operations controls actions to mitigate risks and establish detection of intruders inside the system.

The CCE process does more than force organizations to adopt the persona of a bad actor. It also requires honest introspection about weaknesses — identifying the most vulnerable points and formulating a realistic action plan that delivers results.

Move Faster Than Bad Actors

Many organizations allocate resources for maximum defense of perimeters, but devote minimal efforts on what to do once the bad actor is already in the system. This often leaves operators at a disadvantage. Your organization must grow and evolve with the creativity and determination demonstrated by the adversary.

The CCE approach puts you inside the mind of an attacker. It focuses on systems and process improvements, aimed at doing more than just keeping attackers out. It helps you formulate a strategy for what to do if they gain access and begin moving across your operation.

Finishing the Job
As a licensed CCE provider, 1898 & Co./Burns & McDonnell is combining 120 years of engineering and design experience with CCE’s innovative engineering approach for countering cyber sabotage to critical infrastructure. This combined approach is unique in the industry and our goal is to usher a new era of smart, safe, and resilient infrastructure. 1898 & Co./Burns & McDonnell stands ready to extend beyond the CCE process by implementing CCE recommended engineering and cybersecurity mitigations. Our knowledgeable team has many years’ experience in putting both engineering and cyber-related protective systems and procedures in place.

Engage on CCE with 1898 & Co. and protect what matters most to your company today.

Matt Morris

Matt Morris

Managing Director, Security & Risk Consulting

  Connect on LinkedIn

Interested in learning more?

Send Us a Note

Matt Morris

Managing Director

 Connect on Linkedin