A2V Supplier Security Network for Cyber-Supply Chain Risk Management (C-SCRM)
The A2V Supplier Security Network is a unique, scalable solution for achieving and maintaining regulatory compliance requirements.
The industries which service the nation’s critical infrastructure have recently begun to embrace the digital transformation, bridging the communication gap between vendors and clients. However, as innovative technology is developed, cybercrime races on its heels.
Most notably, grid security has now expanded to encompass supply chain vendors, vastly increasing the landscape which lies vulnerable to cyberattacks. Many organizations face significant challenges in managing risk across multiple applications and infrastructure. This sprawling cyber landscape calls for industry collaboration and information sharing, a community of organizations with a common goal – cost efficient, reliable, and compliant cybersecurity solutions.
The A2V network is a joint venture of utility companies and Fortress Information Security where members benefit from sharing risk information at a savings of up to 50% or more below traditional costs. The Network seeks to continuously improve through the Governance Committee, comprised of key industry members who work together to achieve the common goal of staying ahead of industry, security, and regulatory requirements.
CIP-013 implementation guidance published by NATF1 and NERC2 suggests performing product risk assessments, vendor risk assessments, and verifying the integrity and authenticity of software (e.g., patches) which are all available here on the A2V platform.
Download the whitepaper to learn about the Fortress A2V Supplier Security Network and Data Exchange.