Critical Infrastrucutre

EWA-Australia and our corporate partners, EWA-IIT and EWA-Canada are experienced in the conduct of security risk reviews and information system security evaluations using our community-unique multi-disciplined approach. As recognised leaders in the industry, EWA has performed security assessments for both government and commercial clients in the United States, Canada, Europe and Australia. We evaluate existing systems from both an internal and external perspective, this analysis includes identification of security vulnerabilities and critical infrastructure weaknesses.

Examples include:

  • Subsequent to 11 September 2001, EWA-IIT conducted a full-scope assessment of the rail industry security in the U.S., Canada, and Mexico, on behalf of the Association of American Railroads. As a consequence of the assessment, major countermeasures were implemented to address infrastructure vulnerabilities. Among these measures was the establishment of the Surface Transportation Information Sharing and Analysis Center (ST-ISAC) for the purpose of 24/7 emergency response, infrastructure information sharing, and infrastructure security management. EWA-IIT also manages the Water Industry ISAC. The areas addressed by these ISACs include physical security, technical security, and personnel security.
  • EWA-Canada currently provides a variety of security services the Canadian energy industry, including network intrusion detection services. Additionally EWA has provided critical infrastructure protection services to the Canadian federal government in the telecommunications sector and are engaged by both telecommunications and financial institutions for the provision of critical infrastructure IT security services.
  • EWA-Australia is providing information security services to the energy industry in Australia, in particular we are providing vulnerability, threat and risk assessment services.

EWA-Australia ensures their effectiveness in Critical Infrastructure protection and assessment, through compliance in various guidelines including: "Securing Queenslanders Critical Infrastructure", by the Department of the Premier and Cabinet and from references and information from the Australian National Critical Infrastructure Advisory Council. Our strengths are based upon:

  • a capability to provide comprehensive information security services to both public and private sector clients;
  • vendor independence;
  • commitment to the development of the e-security industry via active participation in industry associations and international R & D activities;
  • ISO 9000:2001 certification of our Quality Management System that enunciates our commitment to our client's security;
  • provision of extensive information security training services in collaboration with AusCERT and the University of Queensland;
  • and the development of solutions founded on national and international standards and best practices.

As testament to our credentials EWA is a current member of the following panels:

  • Australian Government Endorsed Supplier Arrangement (ESA),
  • Department of Defence's Project Management Support Services (PMSS) Security Systems, and
  • Australian Taxation Office's Security Service Provider Panel.

EWA can provide Managers of critical infrastructure considerable experience in protecting assets. Critical infrastructure managers typically monitor proprietary, closed, legacy systems once, but no longer, thought to be invulnerable. Supervisory Control and Data Acquisition (SCADA) systems and Energy Management Systems (EMS) are critical systems that require reliable and secure communication networks.

To address these challenges, EWA offers a unique combination of services and education to enable continuous and measurable protection.

EWA does not favour or promote any specific software product or business model. Rather, EWA is promoting enhanced security.