fbpx
WHITE PAPER

The cost-effective CIP-013 supply chain risk management solution

Abstract

1. Grid security has now expanded to encompass supply chain vendors.

2. Asset to Vendor (A2V) is a joint venture of utility companies and Fortress Information Security where members benefit from sharing risk information at a savings of up to 50% or more below traditional costs. Contribute > Share > Reduce O&M.

3. CIP-013 implementation guidance published by NATF1 and NERC2 suggests performing product risk assessments, vendor risk assessments, and verifying the integrity and authenticity of software (e.g., patches) which are all available on the A2V platform. The governance committee of A2V, held by utility members, ensures that the Network remains ahead of industry, security and regulatory requirements.
4. Vendors will benefit from reduced overhead by having a conduit for sharing their risk assessments in a standardized format which is acceptable by their clients.

White Paper: Asset to Vendor Network for Power Utilities 1

The digital revolution has created new opportunities, but it has also created new vulnerabilities. Globalization and technological transformation have vastly enhanced the efficiency of supply chains for companies and organizations in every sector but have also contributed to creating vulnerabilities and raising risk exposure.

Power utilities, like many other industries, have embraced the digital transformation, realizing significant benefits in their interactions with vendors and customers. They have also experienced an increased attack surface. They are aware of the risks and the need for strong security. However, power utilities face many challenges in managing risk across applications and infrastructure.

View More Resources Here

White Paper: Asset to Vendor Network for Power Utilities 2
Utilities
White Paper: Asset to Vendor Network for Power Utilities 3
Transportation
White Paper: Asset to Vendor Network for Power Utilities 4
Healthcare
White Paper: Asset to Vendor Network for Power Utilities 5
Finance
White Paper: Asset to Vendor Network for Power Utilities 6
Energy
White Paper: Asset to Vendor Network for Power Utilities 7
Additional Industries
White Paper: Asset to Vendor Network for Power Utilities 8

White Paper: Asset to Vendor Network for Power Utilities 9 White Paper: Asset to Vendor Network for Power Utilities 10 White Paper: Asset to Vendor Network for Power Utilities 11

189 S Orange Ave #1950, Orlando, FL 32801
(407) 573.6800
sales@fortressinfosec.com

COPYRIGHT © 2019. FORTRESS INFORMATION SECURITY. ALL RIGHTS RESERVED. PRIVACY POLICY

THREAT INTELLIGENCE REPORT

Windows CryptoAPI Vulnerability

White Paper

Asset to Vendor Network for Power Utilities

PRESS RELEASE

FORTRESS LAUNCHES INNOVATIVE COLLABORATION TO HELP PROTECT THE POWER GRID FROM CYBER THREATS

Emerging Risk Brief

ASSET RISK MANAGEMENT - FOR PORT AUTHORITIES

Advisory

5 STEPS FOR AN EFFECTIVE THIRD PARTY VENDOR RISK PROGRAM

White Paper

CIP COMPLIANCE – UPDATES, ENFORCEMENT AND PRACTICAL IMPLEMENTATION

Advisory

5 STEPS TO A STRONG VULNERABILITY MANAGEMENT PROGRAM

WHITE PAPER

NERC CIP COMPLIANCE

Subscribe to Fortress Newsletter

For breach reports, threat intelligence, regulatory updates, cyber security news alerts and more, sign up to receive the Fortress Newsletter.

No, thanks!

Threat Advisory

Outdated Security Appliance Facilitates Denial-of-Service Attack on U.S. Grid

WEBINAR DOCUMENT

NERC CIP SUPPLY CHAIN SECURITY STANDARDS