Utilities
Transportation
Healthcare
Finance
Energy
Additional Industries
Resources
Our specialized team of experts are recognized leaders on industry best practices and processes, with talent from top security organizations such as NSA, CIA, FBI and DHS. Read about us, our ideas for security your digital transformation and insights on how others in your market are upgrading their cyber defense with Fortress.
White Paper: Asset to Vendor Network for Power Utilities
WHITE PAPER Asset to Vendor Network for Power Utilities The cost-effective CIP-013 supply chain risk management solution Abstract 1. Grid security has now expanded to encompass supply chain vendors.2. Asset to Vendor (A2V) is a joint venture of utility companies and...
THREAT INTELLIGENCE REPORT: Windows CryptoAPI Vulnerability
Threat Intelligence Report Windows CryptoAPI VulnerabilityJanuary 14, 2020 - Microsoft announced a critical vulnerability in CryptoAPI, a Microsoft interface which provides certificate validation for HTTPS connections, signed flies, signed emails, and signed...
PRESS RELEASE: FORTRESS LAUNCHES INNOVATIVE COLLABORATION TO HELP PROTECT THE POWER GRID FROM CYBER THREATS
Press ReleaseFORTRESS LAUNCHES INNOVATIVE COLLABORATION TO HELP PROTECT THE POWER GRID FROM CYBER THREATSFortress Information Security launches the Asset to Vendor Network (A2V), an new platform where electric energy companies can collectively help reduce the costs of...
U.S. Power Grid Experiences a Denial-of-Service Attack Due to Outdated Security Appliance
Threat Advisory U.S. POWER GRID EXPERIENCES A DENIAL-OF-SERVICE ATTACK DUE TO OUTDATED SECURITY APPLIANCE In May of 2019, the U.S. power grid experienced another attack. A series of unpatched Cisco Adaptive Security Appliances belonging to a western electric utility...
Webinar: NERC CIP Supply Chain Security Standards
WebinarNERC CIP Supply Chain Security Standards This webinar event originally broadcast live on May 29, 2019. Summary In this webinar, we will discuss the new requirements from NERC CIP-013-1, Cyber Security Supply Chain Risk Management. Join us as we address...
White Paper: NERC CIP COMPLIANCE
WHITE PAPERNERC CIP COMPLIANCEUpdates, Enforcement and Practical Implementation Introduction The North American Electric Reliability Corporation (NERC) is a non-profit organization tasked by the Federal Energy Regulatory Commission (part of the US Department of...
5 Steps to a Strong Vulnerability Management Program
Advisory5 STEPS TO A STRONG VULNERABILITY MANAGEMENT PROGRAM View More Resources Here 189 S Orange Ave #1950, Orlando, FL 32801 (407) 573.6800 sales@fortressinfosec.comCOPYRIGHT © 2019. FORTRESS INFORMATION SECURITY. ALL RIGHTS RESERVED. PRIVACY...
Webinar: CIP Compliance – Updates, Enforcement and Practical Implementation
Webinar CIP COMPLIANCE – UPDATES, ENFORCEMENT AND PRACTICAL IMPLEMENTATION This webinar event originally broadcast live on April 25, 2019. Summary In this webinar we will discuss the topic of NERC CIP compliance, what it means for utilities of all sizes and recent...
5 Steps for an Effective Third Party Vendor Risk Program
Advisory 5 STEPS FOR AN EFFECTIVE THIRD PARTY VENDOR RISK PROGRAM View More Resources Here 189 S Orange Ave #1950, Orlando, FL 32801 (407) 573.6800 sales@fortressinfosec.comCOPYRIGHT © 2019. FORTRESS INFORMATION SECURITY. ALL RIGHTS RESERVED. PRIVACY...
Emerging Risk Brief: Asset Risk Management
Emerging Risk BriefAsset Risk Management - For Port Authorities View More Resources Here 189 S Orange Ave #1950, Orlando, FL 32801 (407) 573.6800 sales@fortressinfosec.comCOPYRIGHT © 2019. FORTRESS INFORMATION SECURITY. ALL RIGHTS RESERVED. PRIVACY POLICY
Emerging Risk Brief: Small Suppliers, Big Security Threats for the Grid
Emerging Risk BriefSmall Suppliers, Big Security Threats for the GridExecutive Summary Electric utilities grapple with a myriad of cybersecurity challenges affecting the critical electric grid infrastructure. One area in particular that attackers have homed in on is...
PRESS RELEASE: Fortress Launches Foundations Program for NERC CIP Compliance Targeting Utilities
PRESS RELEASEFortress Information Security Launches Foundations Program for NERC CIP Compliance Targeting Utilities Seeking to Build or Expand their Compliance Operations ORLANDO, FLFebruary 6, 2019 Fortress Information Security, Inc (Fortress) announces the launch of...
Webinar: Power Plant Cyber Security & NERC CIP Compliance — How to Prepare, Plan & Respond
Webinar Power Plant Cyber Security & NERC CIP Compliance How to Prepare, Plan & Respond This webinar event originally broadcast live on November 13, 2018. Summary As critical infrastructure assets, power plants and utilities are under constant threat by...
Emerging Risk Brief: Maritime Cyber Threat Intelligence and Vulnerability Landscape
Emerging Risk BriefMaritime Cyber Threat Intelligence and Vulnerability Landscape Business / Industry Intelligence (Maritime / Cruise Line Industry) In recent years, cruise liners and their associated infrastructure rely more heavily on the interconnectivity of IT...
Emerging Risk Brief: Cyber Attacks on US Pipelines in 2019
Emerging Risk BriefCyber Attacks on US Pipelines in 2019technical intelligence On March 15-16, 2018, the U.S. Computer Emergency Readiness Team (US-CERT) released a joint Technical Alert (TA), which was the result of analytic efforts between the Department of Homeland...
White Paper: Building a Sustainable Maritime OT Cyber Security Program
Case StudyBUILDING A SUSTAINABLE MARITIME OT CYBER SECURITY PROGRAM Executive Summary The maritime industry including shipping companies, cargo carriers, and cruise lines is undergoing a massive digital transformation. It is seeing a dramatic shift from legacy,...
Use Case: National Healthcare Provider Takes Preventative Measures to Monitor Third-Party Risks
Problem National healthcare provider relies on hundreds of third-party vendors and medical devices that share sensitive information and interact with internal systems. Protected Health Information (PHI) can be worth 1000x more than financial data to hackers, and...
Use Case: How to Stay Out of the GDPR Crosshairs and Demonstrate a Commitment to Data Protection and Privacy
Problem A Fortune 500 multinational consumer organization was presented with the challenge of balancing automation of an extended global supply chain against the need to adequately protect sensitive customer data spread across markets with complex legal...
Use Case: Leading Exploration Player Keeps the Drills Running by Avoiding Cyber Attack
Problem A large Oil & Gas company had concerns about maintaining supply chain risk resilience and managing cyber security risks across its increasingly complex third-party network. As cybercriminal groups targeting the industry is on the rise, this is a very real...
Use Case: A Large Utility (IOU) Looks Across IT, OT and Supply Chain Silos to Protect the Grid
Problem One of the largest U.S. energy utilities feeds the energy grid, powering millions of customers. Like many utility companies, they utilize information technology (IT), operational technology (OT), and a vast and complex supply chain to deliver their service...
Use Case: Top-20 Airline Takes Proactive Cyber Stance on Vendor Base
Problem The airline industry has a particularly large cyber-attack surface with so many critical systems including maintenance, repairs & overhaul; on-board aviation; in-flight entertainment & connectivity; airport-based industrial controllers, ticketing and...
Board Brief: IoT and the Risk to Healthcare Providers – What Does the Board Need to Know?
The Emerging Risk The Healthcare industry is improving its employee productivity and patient-care experience through the deployment of Internet of Things (IoT) devices. These devices range from medical equipment (MRI machines, infusion pumps, CAT scanners, vital sign...
Board Brief: What Cyber Questions Should the Board Ask Prior to an Acquisition?
Verizon and Marriott International, each a leader in their respective industries, completed acquisitions over the past few years. Both companies are presently facing significant liabilities due to security breaches that occurred prior to their acquisitions. The...
Emerging Risk Brief: Consequences of Cyber Attacks on Critical Infrastructure
More than 65% of companies with critical infrastructure suffered at least one attack in the past 1 year(1). Close to 80% expect a successful breach to their Industrial Control systems within the next two years. (1). In recent news(3) we learnt that North Korean...
Use Case: Major Entertainment Brand Tackles their Emerging Risk
Problem Major brand delivers its content at physical sites to hundreds of thousands of guests. Like many [manufacturing plants], the sites utilized a Connected Asset Ecosystem of physically accessible Internet of things (IOT), industrial technology (OT) and suppliers...
Board Brief: What’s the Lesson from the Equifax Breach?
Problem Major brand delivers its content at physical sites to hundreds of thousands of guests. Like many [manufacturing plants], the sites utilized a Connected Asset Ecosystem of physically accessible Internet of things (IOT), industrial technology (OT) and suppliers...
189 S Orange Ave #1950, Orlando, FL 32801
(407) 573.6800
sales@fortressinfosec.com
COPYRIGHT © 2019. FORTRESS INFORMATION SECURITY. ALL RIGHTS RESERVED. PRIVACY POLICY