Problem

One of the largest U.S. energy utilities feeds the energy grid, powering millions of customers. Like many utility companies, they utilize information technology (IT), operational technology (OT), and a vast and complex supply chain to deliver their service across tens of thousands of miles of high voltage transmission lines, linking generation operations to substations, then into distribution networks and delivered to homes and businesses. As the industry incorporated emerging technologies into the grid amid ever-increasing cyber security risks in this space, their need to protect against these risks became more imperative. The company needed a better way to keep up with identifying, assessing and managing their third-party risks, as well as identifying and resolving vulnerabilities within their OT environment. Procurement leadership needed a better way to determine criticality with each vendor engagement to adequately cover the risk in the contract. Recent NERC enforcement actions increased the pressure to show compliance within the risk management arena.

SOLUTION

The company partnered with Fortress Information Security to deliver its Total Solution, including managed third-party risk services, OT security services, and a fully integrated and data-driven solution providing holistic visibility of emerging risks. Fortress leveraged a combination of Technology, Analytics and Services to deliver consulting and managed services, supported by the proprietary Fortress Guardian platform to deliver industry-specific cyber intelligence solutions. Fortress provided expert managed services, collecting, assessing, and reporting the NERC-compliant risk management program through automated and orchestrated channels, giving the board full transparency and guidance throughout the process. Continuous monitoring, threat intelligence, and dashboards provided visibility to help mature the capabilities of the company’s cyber risk management program.

OUTCOMES

  • Implemented a business-specific NIST security risk-based program, designed, staffed, and managed by Fortress.
  • Program included identification of critical OT assets and high-risk vendors, assessing them for control weaknesses and vulnerabilities, and resolving identified findings.
  • Full transparency dashboards enabled by the Fortress Platform to benchmark and communicate NERC compliacne, program health and obstacles to Procurement and Security stakeholders.
  • As an integrated solution, Fortress moved quickly to implement. Also, as an expert in energy sector, the assets and vendors were well-known, and Fortress hit the ground running.

    Want to find out how Fortress can solve
    problems specific to your business?

    Let's connect.

       Use Case: A Large Utility (IOU) Looks Across IT, OT and Supply Chain Silos to Protect the Grid 1407.573.6800

     For Human Resources, please call  855.367.8737

       Use Case: A Large Utility (IOU) Looks Across IT, OT and Supply Chain Silos to Protect the Grid 2sales@fortressinfosec.com

    Contact Sales


    View More Resources Here

    Use Case: A Large Utility (IOU) Looks Across IT, OT and Supply Chain Silos to Protect the Grid 3
    Utilities
    Use Case: A Large Utility (IOU) Looks Across IT, OT and Supply Chain Silos to Protect the Grid 4
    Transportation
    Use Case: A Large Utility (IOU) Looks Across IT, OT and Supply Chain Silos to Protect the Grid 5
    Healthcare
    Use Case: A Large Utility (IOU) Looks Across IT, OT and Supply Chain Silos to Protect the Grid 6
    Finance
    Use Case: A Large Utility (IOU) Looks Across IT, OT and Supply Chain Silos to Protect the Grid 7
    Energy
    Use Case: A Large Utility (IOU) Looks Across IT, OT and Supply Chain Silos to Protect the Grid 8
    Additional Industries
    Use Case: A Large Utility (IOU) Looks Across IT, OT and Supply Chain Silos to Protect the Grid 9

    Use Case: A Large Utility (IOU) Looks Across IT, OT and Supply Chain Silos to Protect the Grid 10 Use Case: A Large Utility (IOU) Looks Across IT, OT and Supply Chain Silos to Protect the Grid 11 Use Case: A Large Utility (IOU) Looks Across IT, OT and Supply Chain Silos to Protect the Grid 12

    189 S Orange Ave #1950, Orlando, FL 32801
    (407) 573.6800
    sales@fortressinfosec.com

    COPYRIGHT © 2019. FORTRESS INFORMATION SECURITY. ALL RIGHTS RESERVED. PRIVACY POLICY

    PRESS RELEASE

    FORTRESS LAUNCHES INNOVATIVE COLLABORATION TO HELP PROTECT THE POWER GRID FROM CYBER THREATS

    Emerging Risk Brief

    ASSET RISK MANAGEMENT - FOR PORT AUTHORITIES

    Advisory

    5 STEPS FOR AN EFFECTIVE THIRD PARTY VENDOR RISK PROGRAM

    White Paper

    CIP COMPLIANCE – UPDATES, ENFORCEMENT AND PRACTICAL IMPLEMENTATION

    Advisory

    5 STEPS TO A STRONG VULNERABILITY MANAGEMENT PROGRAM

    WHITE PAPER

    NERC CIP COMPLIANCE

    Subscribe to Fortress Newsletter

    For breach reports, threat intelligence, regulatory updates, cyber security news alerts and more, sign up to receive the Fortress Newsletter.

    Threat Advisory

    Outdated Security Appliance Facilitates Denial-of-Service Attack on U.S. Grid

    WEBINAR DOCUMENT

    NERC CIP SUPPLY CHAIN SECURITY STANDARDS