PRESS RELEASE: FORTRESS LAUNCHES ASSET TO VENDOR NETWORK JOINT VENTURE WITH AEP TO HELP PROTECT THE POWER GRID FROM CYBER THREATS
CIP-013 Countdown
or
or
NERC requires power utilities to comply with standard CIP-013 by July 1, 2020.
Power Utilities Share the Same Cyber Security Challenges
Third PARTY RISK MANAGEMENT
CYCLE TIME: Takes years to risk rank vendors populations
COST & FREQUENCY: Point-in-time assessments creates gaps in risk awareness
EFFECTIVENESS: Non-responsive vendors challenge risk management goals
ASSET RISK MANAGEMENT
DECENTRALIZATION: Silos lead to inconsistent governance
NO SINGLE PANE OF GLASS: Disparate tools create inefficiencies
DUPLICATION OF EFFORTS: Each organization verifies the same patch/solution
COLLABORATION is the answer, Not COMPETITION
Introducing the Asset to Vendor Network (A2V),
Next-Generation Third Party and Asset Risk Management
Asset to Vendor network is a consortium of Power utilities who share the cost of vendor risk assessments and cyber asset vulnerability patches and solutions to reduce risk, avoid duplication, and bend the O&M Curve.
» Records are created once, shared with many
» Automated risk rank
» Continuous operational monitoring
» Collective bargaining power is leveraged to accelerate remediation
How A2V Works

Outcomes of A2V
THIRD PARTY RISK MANAGEMENT
CYCLE TIME: Cost and turn time reduction from years to days
COST & FREQUENCY: Continuous operational monitoring
EFFECTIVENESS: Collective bargaining power is leveraged to accelerate remediation
ASSET RISK MANAGEMENT
CENTRALIZATION: Connecting Silos to increase efficiency and effectiveness
A SINGLE PANE OF GLASS: Gives visibility and clarity
NO DUPLICATION OF EFFORTS: Data is shared between organizations
A2V LOAD-BALANCES EFFORT AND RISK
Organizations share many of the same assets and vendors. Smaller companies have fewer resources to invest in securing the perimeter, which increases the risk for the whole grid. A2V Resolves this imbalance.
A2V Connects Assets and Vendors in a Holistic Approach in Compliance with NERC CIP-013.
Powered by Fortress Technology
The Fortress platform Provides Supply chain risk and Vulnerability risk Management solutions for Assets and Vendors.
» System of Record for NERC Compliance.
» Connects Assets to Vendors in Compliance with NERC CIP-013.
» Automated Risk Ranking for Faster Prioritization
» Deep Analytics with Data Exploration
» Bundled Continuous Monitoring
The Fortress Platform currently helps secure 10% of the US power grid & key assets.

Media Coverage of Asset to Vendor
Fortress Information Security Strives to Help Protect Critical Infrastructure
The agencies and businesses that make up the backbone of our critical infrastructure have a larger bullseye on their backs than an average company...
Get in touch
Want to find out how Fortress can solve problems specific to your business? Let's connect.
Contact Sales
189 S Orange Ave #1950, Orlando, FL 32801
(407) 573.6800
sales@fortressinfosec.com
COPYRIGHT © 2019. FORTRESS INFORMATION SECURITY. ALL RIGHTS RESERVED. PRIVACY POLICY