Resources
Our specialized team of experts are recognized leaders on industry best practices and processes, with talent from top security organizations such as NSA, CIA, FBI and DHS. Read about us, our ideas for security your digital transformation and insights on how others in your market are upgrading their cyber defense with Fortress.

PRESS RELEASE – NiSource Joins the Asset to Vendor Network in Push to Secure U.S. Utilities
Press Release NiSource Joins the Asset to Vendor Network in Push to Secure U.S. Utilities Orlando, FL, November 17, 2020 - NiSource, one of America’s largest fully-regulated natural gas and electric utilities has joined the Asset to Vendor Network (A2V), a national...

PRESS RELEASE – Hitachi ABB Power Grids joins effort to protect power utilities from cyber threats
Press Release Hitachi abb power grids joins effort to protect power utilities from cyber threats Global leader and pioneer in power technologies will share cybersecurity information with utilities through the Fortress Asset to Vendor Network Raleigh, North...

PRESS RELEASE – Fortress Information Security Adds New Partner In Securing U.S. Power Grid
Press Release Fortress Information Security Adds New Partner In Securing U.S. Power Grid Orlando, FL, June 1, 2020 – The Asset to Vendor Network for Power Utilities (A2V) today announced the group’s first new partner. Founded by Fortress Information Security...

PRESS RELEASE – Security and Compliance Innovator, Tobias Whitney, Joins Fortress Information Security
Press Release Security and Compliance Innovator Joins Fortress Information Security to Develop Groundbreaking Solutions for Utilities, Vendors, and Service Providers Tobias Whitney Joins Orlando-based Security Company Building Solutions for Leading U.S. Energy...

Threat Intelligence Report:Zoom Video Conferencing & Communications
Threat Intelligence Report Zoom Video Conferencing & Communications April 2, 2020 Summary: Zoom is the leader in modern enterprise video communications, with an easy, reliable cloud platform for video and audio conferencing, collaboration, chat, and webinars...

4 KEY FACTORS TO A SUCCESSFUL WORK FROM HOME SECURITY ACTION PLAN
BLOG POST - Business Continuity 4 Key factors to a successful work from home security action plan We know that coping with a pandemic is challenging, and we want you to rest easy in the knowledge that your data remains safe and well protected. Fortress, like many...

White Paper: Asset to Vendor Network for Power Utilities
WHITE PAPER Asset to Vendor Network for Power Utilities The cost-effective CIP-013 supply chain risk management solution Abstract 1. Grid security has now expanded to encompass supply chain vendors.2. Asset to Vendor (A2V) is a joint venture of utility companies and...

THREAT INTELLIGENCE REPORT: Windows CryptoAPI Vulnerability
Threat Intelligence Report Windows CryptoAPI VulnerabilityJanuary 14, 2020 - Microsoft announced a critical vulnerability in CryptoAPI, a Microsoft interface which provides certificate validation for HTTPS connections, signed flies, signed emails, and signed...

PRESS RELEASE: FORTRESS LAUNCHES INNOVATIVE COLLABORATION TO HELP PROTECT THE POWER GRID FROM CYBER THREATS
Press ReleaseFORTRESS LAUNCHES INNOVATIVE COLLABORATION TO HELP PROTECT THE POWER GRID FROM CYBER THREATSFortress Information Security launches the Asset to Vendor Network (A2V), an new platform where electric energy companies can collectively help reduce the costs of...

U.S. Power Grid Experiences a Denial-of-Service Attack Due to Outdated Security Appliance
Threat Advisory U.S. POWER GRID EXPERIENCES A DENIAL-OF-SERVICE ATTACK DUE TO OUTDATED SECURITY APPLIANCE In May of 2019, the U.S. power grid experienced another attack. A series of unpatched Cisco Adaptive Security Appliances belonging to a western electric utility...

White Paper: NERC CIP COMPLIANCE
WHITE PAPERNERC CIP COMPLIANCEUpdates, Enforcement and Practical Implementation Introduction The North American Electric Reliability Corporation (NERC) is a non-profit organization tasked by the Federal Energy Regulatory Commission (part of the US Department of...

5 Steps to a Strong Vulnerability Management Program
Advisory5 STEPS TO A STRONG VULNERABILITY MANAGEMENT PROGRAM View More Resources Here 189 S Orange Ave #1950, Orlando, FL 32801 (407) 573.6800 sales@fortressinfosec.comCOPYRIGHT © 2019. FORTRESS INFORMATION SECURITY. ALL RIGHTS RESERVED. PRIVACY...

5 Steps for an Effective Third Party Vendor Risk Program
Advisory 5 STEPS FOR AN EFFECTIVE THIRD PARTY VENDOR RISK PROGRAM View More Resources Here 189 S Orange Ave #1950, Orlando, FL 32801 (407) 573.6800 sales@fortressinfosec.comCOPYRIGHT © 2019. FORTRESS INFORMATION SECURITY. ALL RIGHTS RESERVED. PRIVACY...

Emerging Risk Brief: Asset Risk Management
Emerging Risk BriefAsset Risk Management - For Port Authorities View More Resources Here 189 S Orange Ave #1950, Orlando, FL 32801 (407) 573.6800 sales@fortressinfosec.comCOPYRIGHT © 2019. FORTRESS INFORMATION SECURITY. ALL RIGHTS RESERVED. PRIVACY POLICY

Emerging Risk Brief: Small Suppliers, Big Security Threats for the Grid
Emerging Risk BriefSmall Suppliers, Big Security Threats for the GridExecutive Summary Electric utilities grapple with a myriad of cybersecurity challenges affecting the critical electric grid infrastructure. One area in particular that attackers have homed in on is...

PRESS RELEASE: Fortress Launches Foundations Program for NERC CIP Compliance Targeting Utilities
PRESS RELEASEFortress Information Security Launches Foundations Program for NERC CIP Compliance Targeting Utilities Seeking to Build or Expand their Compliance Operations ORLANDO, FLFebruary 6, 2019 Fortress Information Security, Inc (Fortress) announces the launch of...

Emerging Risk Brief: Maritime Cyber Threat Intelligence and Vulnerability Landscape
Emerging Risk BriefMaritime Cyber Threat Intelligence and Vulnerability Landscape Business / Industry Intelligence (Maritime / Cruise Line Industry) In recent years, cruise liners and their associated infrastructure rely more heavily on the interconnectivity of IT...

Emerging Risk Brief: Cyber Attacks on US Pipelines in 2019
Emerging Risk BriefCyber Attacks on US Pipelines in 2019technical intelligence On March 15-16, 2018, the U.S. Computer Emergency Readiness Team (US-CERT) released a joint Technical Alert (TA), which was the result of analytic efforts between the Department of Homeland...

White Paper: Building a Sustainable Maritime OT Cyber Security Program
Case StudyBUILDING A SUSTAINABLE MARITIME OT CYBER SECURITY PROGRAM Executive Summary The maritime industry including shipping companies, cargo carriers, and cruise lines is undergoing a massive digital transformation. It is seeing a dramatic shift from legacy,...

Use Case: National Healthcare Provider Takes Preventative Measures to Monitor Third-Party Risks
Problem National healthcare provider relies on hundreds of third-party vendors and medical devices that share sensitive information and interact with internal systems. Protected Health Information (PHI) can be worth 1000x more than financial data to hackers, and...

Use Case: How to Stay Out of the GDPR Crosshairs and Demonstrate a Commitment to Data Protection and Privacy
Problem A Fortune 500 multinational consumer organization was presented with the challenge of balancing automation of an extended global supply chain against the need to adequately protect sensitive customer data spread across markets with complex legal...

Use Case: Leading Exploration Player Keeps the Drills Running by Avoiding Cyber Attack
Problem A large Oil & Gas company had concerns about maintaining supply chain risk resilience and managing cyber security risks across its increasingly complex third-party network. As cybercriminal groups targeting the industry is on the rise, this is a very real...

Use Case: A Large Utility (IOU) Looks Across IT, OT and Supply Chain Silos to Protect the Grid
Problem One of the largest U.S. energy utilities feeds the energy grid, powering millions of customers. Like many utility companies, they utilize information technology (IT), operational technology (OT), and a vast and complex supply chain to deliver their service...

Use Case: Top-20 Airline Takes Proactive Cyber Stance on Vendor Base
Problem The airline industry has a particularly large cyber-attack surface with so many critical systems including maintenance, repairs & overhaul; on-board aviation; in-flight entertainment & connectivity; airport-based industrial controllers, ticketing and...

Board Brief: IoT and the Risk to Healthcare Providers – What Does the Board Need to Know?
The Emerging Risk The Healthcare industry is improving its employee productivity and patient-care experience through the deployment of Internet of Things (IoT) devices. These devices range from medical equipment (MRI machines, infusion pumps, CAT scanners, vital sign...

Board Brief: What Cyber Questions Should the Board Ask Prior to an Acquisition?
Verizon and Marriott International, each a leader in their respective industries, completed acquisitions over the past few years. Both companies are presently facing significant liabilities due to security breaches that occurred prior to their acquisitions. The...

Emerging Risk Brief: Consequences of Cyber Attacks on Critical Infrastructure
More than 65% of companies with critical infrastructure suffered at least one attack in the past 1 year(1). Close to 80% expect a successful breach to their Industrial Control systems within the next two years. (1). In recent news(3) we learnt that North Korean...

Use Case: Major Entertainment Brand Tackles their Emerging Risk
Problem Major brand delivers its content at physical sites to hundreds of thousands of guests. Like many [manufacturing plants], the sites utilized a Connected Asset Ecosystem of physically accessible Internet of things (IOT), industrial technology (OT) and suppliers...

Board Brief: What’s the Lesson from the Equifax Breach?
Problem Major brand delivers its content at physical sites to hundreds of thousands of guests. Like many [manufacturing plants], the sites utilized a Connected Asset Ecosystem of physically accessible Internet of things (IOT), industrial technology (OT) and suppliers...
FORTRESS IN THE NEWS
Mixed Reactions on Looming DOE NOPR for Bulk Power System Security
The Department of Energy (DOE) will issue a notice of proposed rule-making (NOPR) to implement President Trump’s broad bulk power system (BPS) security executive order (EO) “later this fall,” a DOE official confirmed to POWER on Oct. 5. Though the...
Power Sector, Federal Entities Scramble to Close Supply Chain Security Gaps
Marking another major federal effort to address potential supply chain risks to the bulk power system (BPS), the Federal Energy Regulatory Commission (FERC) on Sept. 17 sought industry’s perspective on a number of important considerations,...
FERC investigates risk of foreign adversary-supplied bulk power equipment, with focus on Huawei, ZTE
If utilities are forced to pull suspect components from the grid then the cost implications could be significant, according to Tobias Whitney, vice president of energy security solutions at Fortress Information Security. The average utility could...
189 S. Orange Avenue, Ste 1950, Orlando, FL 32801
(407) 573.6800
sales@fortressinfosec.com
COPYRIGHT © 2020. FORTRESS INFORMATION SECURITY. ALL RIGHTS RESERVED. PRIVACY POLICY