Power Utilities Share the Same Cyber Security Challenges

Third PARTY RISK MANAGEMENT

CYCLE TIME:  Takes years to risk rank vendors populations

COST & FREQUENCY: Point-in-time assessments creates gaps in risk awareness

EFFECTIVENESS: Non-responsive vendors challenge risk management goals

ASSET RISK MANAGEMENT

DECENTRALIZATION: Silos lead to inconsistent governance

NO SINGLE PANE OF GLASS: Disparate tools create inefficiencies

DUPLICATION OF EFFORTS: Each organization verifies the same patch/solution

COLLABORATION is the answer, Not COMPETITION 

Introducing the Asset to Vendor Network (A2V),
Next-Generation Third Party and Asset Risk Management

Asset to Vendor network is a consortium of POwer utilities who share the cost of vendor risk assessments and cyber asset vulnerability patches and solutions to reduce risk,  avoid duplication,  and bend the O&M Curve. 

 

» Records are created once, shared with many

» Automated risk rank

» Continuous operational monitoring

» Collective bargaining power is leveraged to accelerate remediation

How A2V Works

Asset to Vendor Network for Power Utilities 1

Outcomes of A2V 

THIRD PARTY RISK MANAGEMENT

CYCLE TIME:  Cost and turn time reduction from years to days
COST & FREQUENCY: Continuous operational monitoring
EFFECTIVENESS: Collective bargaining power is leveraged to accelerate remediation

 

ASSET RISK MANAGEMENT

CENTRALIZATION:  Connecting Silos to increase efficiency and effectiveness
A SINGLE PANE OF GLASS: Gives visibility and clarity
NO DUPLICATION OF EFFORTS: Data is shared between organizations

 

A2V LOAD-BALANCES EFFORT AND RISK

Organizations share many of the same assets and vendors.  Smaller companies have fewer resources to invest in securing the perimeter, which increases the risk for the whole grid.  A2V Resolves this imbalance.

 

A2V Connects Assets and Vendors in a Holistic Approach in Compliance with NERC CIP-013.

Powered by Fortress Technology

The Fortress platform Provides Supply chain risk and Vulnerability risk Management solutions for Assets and Vendors. 

» System of Record for NERC Compliance.
» Connects Assets to Vendors in Compliance with NERC CIP-013.
» Automated Risk Ranking for Faster Prioritization
» Deep Analytics with Data Exploration
» Bundled Continuous Monitoring
 

The Fortress Platform currently helps secure 10% of the US power grid & key assets.

 

Asset to Vendor Network for Power Utilities 2

Connect with us

Talk with Fortress today about how to manage risk and get better performance and compliance across your enterprise! Set up an appointment to speak with a representative.

 

189 S Orange Ave #1950, Orlando, FL 32801
855.367.8737
sales@fortressinfosec.com


Asset to Vendor Network for Power Utilities 3

Asset to Vendor Network for Power Utilities 4 Asset to Vendor Network for Power Utilities 5 Asset to Vendor Network for Power Utilities 6

189 S Orange Ave #1950, Orlando, FL 32801
(855) 367.8737
sales@fortressinfosec.com

COPYRIGHT © 2019. FORTRESS INFORMATION SECURITY. ALL RIGHTS RESERVED. PRIVACY POLICY

Emerging Risk Brief

ASSET RISK MANAGEMENT - FOR PORT AUTHORITIES

Advisory

5 STEPS FOR AN EFFECTIVE THIRD PARTY VENDOR RISK PROGRAM

White Paper

CIP COMPLIANCE – UPDATES, ENFORCEMENT AND PRACTICAL IMPLEMENTATION

Advisory

5 STEPS TO A STRONG VULNERABILITY MANAGEMENT PROGRAM

WHITE PAPER

NERC CIP COMPLIANCE

Subscribe to Fortress Newsletter

For breach reports, threat intelligence, regulatory
updates, cyber security news alerts and more,
sign up to receive the Fortress Newsletter.

No, thanks!

Threat Advisory

Outdated Security Appliance Facilitates Denial-of-Service Attack on U.S. Grid

WEBINAR DOCUMENT

NERC CIP SUPPLY CHAIN SECURITY STANDARDS