Critical Infrastructure

Cadmus’ expertise in crisis preparedness is the foundation of our offerings to our critical infrastructure clients in energy, financial services, healthcare, and transportation.

Our approach takes into account that a cybersecurity attack affects the entire enterprise, not just the IT department. We help our clients understand, evaluate, and prepare for a whole-enterprise risk management strategy to counter the cybersecurity threat.

Cadmus assists our clients in answering critical questions, such as:

What are the processes in place for the entire organization, including the C-suite, information technology, legal, human resources, and public relations, to coordinate a response to the discovery of an attack?

What is the state of preparedness to share information with key stakeholders, including customers, regulators, and shareholders?

We support our clients with:

Enterprise Analysis and Risk Assessment

  • In-depth assessment of cyber-related operational and business risks for the enterprise
  • Analysis of current strategic, policy, and operational frameworks, including procedures for information sharing and crisis response coordination across the enterprise

Crisis Simulation and Exercises

  • Custom-designed, scenario-driven discussions, from tabletop to full-scale crisis simulation exercises, which involve the active participation of all key stakeholders across the corporate enterprise
  • Evaluation of information sharing and coordination process for a company-wide response involving all stakeholders, including C-suite, information technology, legal, human resources, and public relations

Crisis Response and Operational Planning

  • Management of identified gaps regarding technical preparedness, internal and external information sharing, coordination of crisis response, and existing business continuity plans
  • Refinement of strategies, policies and procedures to create a whole-enterprise approach to respond to the discovery of a cybersecurity-related incident, including addressing potential obligations to customers, regulators, the general public, and shareholders

Continuity and Resilience

  • Development of continual improvement plans that can address changing corporate needs
  • Awareness-building and tailored training programs to improve cross-enterprise workforce preparedness, including information sharing and crisis response coordination