SERVICES
CASE STUDIES
LIBRARY
COMPANY
CONTACT US
Button switch
Services
Case Studies
Library
Company
Contact us
case study

In-Depth Network Review

The Challenge

The client was preparing for along-term rollout of a new network visibility tool across its OT environments. With a wide footprint spanning multiple states, the client faced limited visibility into what actually existed within their facilities and on their networks. Asset inventories were incomplete, network diagrams were outdated or nonexistent, and network architecture varied between sites. This lack of foundational documentation proved to be a unique challenge, since it limited the ability to deploy monitoring tools consistently and raised concerns about compliance implications at CIP-applicable sites. Further, the client’s substations and LNG facilities presented very different networking realities; substations tended to be compact and well-contained, while LNG sites featured physically dispersed control systems as well as a wider variety of OT devices, and as such, required significantly more complex network topologies.

 

Our Approach

NST began working with the client in early 2023, focusing first on OT network assessments at substations across upstate New York and New England. These assessments followed a consistent, repeatable framework designed to build a strong technical foundation:

·      Conducting on-site walk downs of each facility,

·      Developing comprehensiveOT asset inventories,

·      Producing detailed network diagrams and architecture documentation, and

·      Identification of monitoring points and visibility gaps.

 

This work established a clear, accurate picture of each substation’s OT environment and enabled the successful deployment of the monitoring tool across the network.

Recognizing the value of this approach, the client expanded the effort to include LNG facilities later that year. Although these sites were not subject to NERC CIP requirements, the client saw clear benefits in applying the same best-practice methodology.

At the LNG sites, NST encountered significantly more complex networks. Unlike substations, where systems are typically consolidated into a single control house, LNG facilities employed physically dispersed control systems across the site. Control elements near tanks and process equipment were connected back to central control rooms via extensive fiber infrastructure, resulting in intricate and unique network designs.

NST worked closely with site SMEs to document these environments in detail, mapping fiber paths and patch panels, switches, routers, and other interconnections. This level of documentation proved critical not only for visibility, but also for aligning the OT security design with operational and safety constraints.

 

Expanded Support: CADRs and Ongoing Engagement

NST’s deep familiarity with the client’s LNG operations later proved invaluable during subsequent CybersecurityArchitecture Design Reviews (CADRs) to satisfy TSA Security Directive Pipeline-2021-02. Having already spent time on-site and built strong working relationships with SMEs, NST was a natural fit to support CADRs for the client.

This continuity reduced onboarding time, improved communication, and helped the client navigate the assessment process more efficiently.

 

A Unique Project

NST was subsequently engaged to evaluate the potential impacts of consolidating the client’s OT monitoring center into its significantly larger corporate IT operations center. NST dug deep into the finer details of the proposed consolidation, including an assessment of different levels of integration. NST examined potential implications for compliance and operations personnel, as well as the greater organizational structure of the client. With a holistic view of the merger’s effects on both compliance and business operations, the client was able to make a well-informed decision on the future of their program.

Beyond these efforts, NST has continued to provide programmatic support across multiple departments, offering feedback on areas such as personnel risk programs and broader OT security initiatives.

 

Continued Partnership

NST continues to work with this client as they expand and refine their OT security program. NST plans to continue assisting with tool implementation, security assessments, and program review. Additionally, NST is planning to support this client with the development of an Internal Network Security Monitoring (INSM) program to satisfy the to-be-enforced requirements in CIP-015.

Continue reading
All Case studies
Button switch
In-Depth Network Review
A large, multi-state energy provider operating a diverse mix of transmission, gas, and LNG assets across the Northeast was looking to implement a new tool to improve network visibility. NST supported them through every step of the way.
Audit Prep + Paper and Active VAs
Following a successful audit prep engagement, NST was invited to perform a CVA. This contract has been extended annually for six additional years.

The Original
NERC CIP Team

Want to go above and beyond? Keep clicking.
Or just call NST today.
CONTACT US
You're one click away from meeting the best NERC CIP team in North America.
CONTACT US
SERVICES
NERC CIP COMPLIANCE
INFORMATION + CYBER SECURITY
RISK + REGULATORY SOLUTIONS
RESOURCES
CASE STUDIES
COMPANY
ABOUT US
OUR TEAM
© 2025 Network + Security Technologies. All rights reserved.
Terms of Use  -
Privacy Policy