Facebook Twitter Instagram YouTube LinkedIn
    Facebook Twitter Instagram LinkedIn YouTube
    Trending
    • Rajiv Kulkarni Talks about the Malware Analysis Pipeline
    • IDS Alliance Raises Awareness of IAM Fundamentals with the ‘CISO Chronicles’
    • Building Digital Accessibility: AI Requires Human Oversight to Cut Down on Algorithmic Biases
    • BlackBerry Ivy: Enabling a New Age of Electric Secure Autonomous Vehicles
    • Security Automation Cuts Down Expenses and Saves Time for IT Teams
    • IBM Think 2022 – Embracing the Present, Preparing for the Future
    • A Game of Numbers: The Correlation Between Technology and Sports Betting
    • Software-based Enterprise Solutions for Navigating the “Too Much Information” Age
    TechSpective
    • RSS
    • Facebook
    • Twitter
    • Google+
    • LinkedIn
    • Instagram
    • Pinterest
    • Technology
      Featured
      March 1, 20216

      Could Home Study Be Better for Education? Using Technology to Craft a Better Tomorrow

      Recent
      May 20, 2022

      Building Digital Accessibility: AI Requires Human Oversight to Cut Down on Algorithmic Biases

      May 20, 2022

      BlackBerry Ivy: Enabling a New Age of Electric Secure Autonomous Vehicles

      May 15, 2022

      A Look At The Last Generation Of Internal Combustion Engines

    • Reviews
      Featured
      March 4, 20211

      Dell’s UltraSharp 40 – Improving Work and Workplaces with Monitor Innovations

      Recent
      April 7, 2022

      Dell’s Latitude 5430 Rugged – Redefining the Extremes of Mobile Computing

      October 12, 2021

      Innovating Home Video Conferencing: Dell’s New 27 Video Conferencing Monitor – S2722DZ

      September 22, 2021

      Review: Intrusion Shield

    • Podcasts
    • Security
      Featured
      March 7, 20212

      Pandemic Unmasks Vulnerability to Automated Bot Attacks

      Recent
      May 25, 2022

      Rajiv Kulkarni Talks about the Malware Analysis Pipeline

      May 23, 2022

      IDS Alliance Raises Awareness of IAM Fundamentals with the ‘CISO Chronicles’

      May 14, 2022

      Ransomware is Indiscriminatory – Prepare for Everything to Fail

    • Microsoft
      Featured
      September 12, 20201

      The Microsoft Surface Duo: The Communications Device for Those That Think Different

      Recent
      April 8, 2022

      AI and Why Windows 12 Could Be a Far Bigger Advance than Windows 95 Was

      October 11, 2021

      The Surface Laptop Studio: Building a Windows 11 Targeted Laptop

      August 28, 2021

      Why Microsoft’s Hardware Baseline for Windows 11 Is Important

    • News & Analysis
      Featured
      March 6, 20212

      Fixing The World One Person At A Time: Cisco Networking Academy

      Recent
      May 25, 2022

      Rajiv Kulkarni Talks about the Malware Analysis Pipeline

      May 20, 2022

      BlackBerry Ivy: Enabling a New Age of Electric Secure Autonomous Vehicles

      May 20, 2022

      IBM Think 2022 – Embracing the Present, Preparing for the Future

    • Business
      Featured
      March 6, 20212

      Fixing The World One Person At A Time: Cisco Networking Academy

      Recent
      May 20, 2022

      Building Digital Accessibility: AI Requires Human Oversight to Cut Down on Algorithmic Biases

      May 20, 2022

      Security Automation Cuts Down Expenses and Saves Time for IT Teams

      May 18, 2022

      Software-based Enterprise Solutions for Navigating the “Too Much Information” Age

    TechSpective
    You are at:Home»Security»Critical Infrastructure»Fortress Information Security Strives to Help Protect Critical Infrastructure
    critical infrastructure power grid electric utilities cybersecurity
    Image from Pixabay

    Fortress Information Security Strives to Help Protect Critical Infrastructure

    0
    By Tony Bradley on November 11, 2019 Critical Infrastructure, Cyber Espionage, Security Awareness

    The agencies and businesses that make up the backbone of our critical infrastructure have a larger bullseye on their backs than an average company. When it comes to the electric utility providers that manage the power grid, the exposure to risk is exacerbated by the fact that much of the equipment, software, and services come from a limited set of vendors. Fortress Information Security just launched the Asset to Vendor (A2V) Network to mitigate these risks and improve the security posture of the power grid.

    The Federal Energy Regulatory Commission (FERC) recognizes the unique threats posed to the power grid and understands that it’s crucial to address these challenges and protect the critical infrastructure. FERC has issued requirements for standardized risk assessments and mandated that electric utility providers prioritize supply chain vendors based on their relative risk. The problem is that many of the 3,000 or so electric providers are small, regional companies that don’t have the budget or resources to do this effectively on their own.

    The A2V Network was launched as a joint venture between Fortress and AEP (American Electric Power) to address this challenge and help all electric utility companies collaborate to comply with the FERC regulations and improve protection of the critical infrastructure more efficiently and effectively. Organizations that join the A2V Network will be able to purchase completed vendor assessments for significantly less than it would cost them to conduct a redundant assessment of their own, and participating companies can also contribute completed assessments to build out the A2V Network library.

    Reluctance to Share

    I had an opportunity to chat with Alex Santos, CEO of Fortress, about the A2V Network and some of the challenges it addresses. He described the supply chain like streets in a community. Just as each person is responsible of their own home and property, but share the roads and pay taxes to share the burden and ensure the roads are taken care of, each company is responsible for itself, but they share risk exposure from the supply chain and it makes sense to collaborate and share the burden to mitigate the risk and secure the critical infrastructure.

    I asked Santos for his thoughts on why businesses in general—not just electric power providers—seem so reluctant to engage in this sort of sharing and collaborative effort. The two main issues, according to Santos are that some information is very proprietary, and some information is not very good. Companies want to maintain the privacy of intellectual property and sensitive information. In some cases, there is a competitive advantage associated and sharing it is just bad for business. In other instances, organizations are reluctant to engage in sharing information because what they receive is not useful. If the information is not properly vetted and curated to ensure it is correct and relevant, it creates more problems than it solves.

    Santos explained that the A2V Network strives to address both of those challenges. The A2V Network takes information about supply chain risk assessments and provides a platform to easily share it while anonymizing it and protecting the privacy of proprietary data. Part of what the A2V Network also does is to validate the information and make it actionable.

    Gaining Momentum

    Santos was especially grateful for having AEP as a partner for the launch of the A2V Network. He noted that even though there are 3,000 electric utility providers, only about 150 of those are large enough to be regulated by the North American Electric Reliability Corporation (NERC)—and that the top 15 largest deliver power for 75% of consumers. That leaves nearly 2,900 companies that must comply with the FERC regulation but lack the resources to do it effectively on their own.

    He said that having AEP on board is huge because any new movement or initiative requires a first big company to get the ball rolling. AEP showed leadership in taking that initiative and having a company with the size and prestige of AEP involved creates a snowball effect that will entice other electric utility providers to jump on board.

    The more companies get involved, the more momentum the A2V Network will have and the greater value it will provide to every participating organization. That, in turn, will attract more companies. It becomes a self-feeding cycle of momentum that will ultimately lead to a more secure critical infrastructure.

    Share. Facebook Twitter Pinterest LinkedIn Tumblr Email
    Previous ArticleWhy Your Tech Business Should Care More About Employee Retention Rate
    Next Article Allison Dew and the Importance of Marketing at Dell
    Tony Bradley
    • Website
    • Facebook
    • Twitter
    • LinkedIn

    I have a passion for technology and gadgets--with a focus on Microsoft and security--and a desire to help others understand how technology can affect or improve their lives. I also love spending time with my wife, 7 kids, 2 dogs, 5 cats, 1 rabbit, 2 ferrets, a pot-bellied pig, and sulcata tortoise, and I like to think I enjoy reading and golf even though I never find time for either. You can contact me directly at tony@xpective.net. For more from me, you can follow me on Twitter, Facebook, Instagram and LinkedIn.

    Related Posts

    IDS Alliance Raises Awareness of IAM Fundamentals with the ‘CISO Chronicles’

    Cybersecurity Myths that are Compromising Your Data and How to Address Them

    Growing Attacks Underscore the Importance of API Security

    Comments are closed.

    Site Sponsors
    Intel
    DevOps.com
    Adobe
    PopSpective
    • Technology
    • Popular
    • Top Reviews
    May 20, 2022

    Building Digital Accessibility: AI Requires Human Oversight to Cut Down on Algorithmic Biases

    May 20, 2022

    BlackBerry Ivy: Enabling a New Age of Electric Secure Autonomous Vehicles

    May 15, 2022

    A Look At The Last Generation Of Internal Combustion Engines

    9.0
    July 14, 2016

    Review: Lenovo Yoga 900S

    9.5
    March 2, 2015

    Review: Asus Zenbook UX305 ultrabook

    8.0
    February 9, 2015

    Review: Burg 12 smartwatch

    9.7
    November 16, 2018

    Review: BlackVue DR900S-2CH Vehicle Dash Cam

    9.5
    September 2, 2015

    Review: Microsoft Band

    May 27, 2014

    Protect your family photos with ScanMyPhotos

    Popular Posts
    9.0
    July 14, 2016

    Review: Lenovo Yoga 900S

    9.5
    March 2, 2015

    Review: Asus Zenbook UX305 ultrabook

    8.0
    February 9, 2015

    Review: Burg 12 smartwatch

    Adobe
    PopSpective
    Adobe
    PopSpective
    • RSS
    • Facebook
    • Twitter
    • Google+
    • LinkedIn
    • Instagram
    • Pinterest
    About

    TechSpective covers technology trends and breaking news in a meaningful way that brings value to the story, and provides you with information that is relevant to you. We offer in-depth reporting and long-form feature stories, as well as breaking news coverage, product reviews, and community content in plain English terms, and with a unique perspective on technology.

    Adobe

    © 2020 Xpective, Inc.

    • About
    • Privacy
    • Advertise
    • Subscribe
    • Contact
    © 2021 Xpective, Inc.
    • About
    • Privacy
    • Advertise
    • Subscribe
    • Contact

    Type above and press Enter to search. Press Esc to cancel.