Industry-Wide Initiative Comes Amid Increased Investor ESG Activism and Upcoming ESG Requirements from the Securities and Exchange Commission (SEC)

Orlando, FL

Utility owners must have a holistic view of cyber and non-cyber risk of third parties to protect and foster the resiliency of U.S. critical infrastructure assets. Fortress Information Security (Fortress) has worked side by side with utilities to help identify and manage cyber risk for the past five years, leading industry-wide efforts and collaboratives such as the Asset to Vendor Network (A2V) and the North American Energy Software Assurance Database (NAESAD).

Today, Fortress, the leader in supply chain cybersecurity risk management for the energy and defense sectors, launched a new offering within NAESAD to help utilities tackle new regulatory and supply chain risks related to environmental, social, and governance (ESG) issues. 

As investor demand for climate and other ESG information soars, the U.S. Securities and Exchange Commission (SEC) is expected to release new guidance and requirements for public companies, including utilities, this year. In collaboration with its utility partners and field experts, Fortress developed a standardized ESG questionnaire for the utility sector. The NAESAD collects and stores questionnaire responses while offering risk resolution solutions.

"NAESAD is truly an initiative driven by our industry partners to tackle a shared challenge," said Betsy Soehren-Jones, Chief Operating Officer for Fortress. "The same strategies utilities have used to tackle cyber risk are now being used to manage new, non-cyber supply chain risks across all vendors."

ESG is quickly becoming a critical risk vector that must be quantified and managed. ESG data allows stakeholders to assess key components of corporate responsibility. It is a check and balance that empowers investors to measure whether companies are fulfilling their commitments in environmental, social, and governance issues relevant to their supply chains. With new directives from the SEC and other regulatory bodies, ESG reporting may soon be mandatory.

Utilities are gathering to discuss ESG and other third-party risk benchmarking topics on May 22nd and May 23rd. 

If you are interested in attending, click here to learn more and register: Third-Party Risk Benchmarking Sessions

About Fortress Information Security

Fortress secures North America's power and defense supply chains from cyberattacks on operational and critical enterprise technologies. Fortress' proprietary technology platform orchestrates North America's most advanced cyber supply chain risk management and vulnerability management programs. Fortress operates the Asset to Vendor Network and the North American Energy Software Assurance Database, which give critical operators confidence that the products, services, and software they obtain from others are cyber-safe. Fortress is a Goldman Sachs portfolio company.