Fortress is a Proud Member of the
Edison Electric Institute

Learn About the Next Generation of Third Party and Asset Risk Management

Alex Santos, Founder and CEO, Fortress Information Security, Speaks on the evolving needs of our national energy infrastructure.

The same technologies that enhance the efficiency of supply chains for power utilities are also creating vulnerabilities and raising risk exposure.

“SUPPLY CHAIN ATTACKS SPIKED 78 PERCENT IN 2018”

Nextgov.com

Network Security Threats

Human Threats

Physical Security Threats

Software Threats

Legal Threats

Other Threats

Traditional security programs consistently operate according to priorities and paradigms from past eras, resulting in antiquated and inadequate security systems.

» Risk Management Silos – Assets & Vendors

» Shallow vs. Sophisticated View of Products & Supply Chain

» Subjective Self-Assessments vs. Objective Standardized Assessments

» Slow & Costly Manual vs. Automated Digital

“It can take an analyst up to 80 work hours to manually complete a query on one device.”

– Source: DoD & Fedbiz News

The Fortress Platform addresses supply chain risks.

The Fortress Platform is a comprehensive Integrated Supply Chain Risk Management Solution that integrates and orchestrates multidimensional risk analysis and remediation of supply chain, manufacturing, IT, InfoSec, corporate governance, and contract risks.

FORTRESS CURRENTLY SECURES 10% OF US POWER GRID SUPPLY CHAIN AND KEY ASSETS.

Fortress Platform Accelerates NERC CIP Compliance

In a world that’s more reliant on energy every day, our nation’s critical infrastructure remains a top target — with attacks against utilities now a fact of life. Fortress helps some of the largest energy companies in North America weather the storm and protect mission-critical functions, such as generation, transmission, distribution and interconnection.

For example, a “Top-5” U.S. energy company turned to Fortress for managed services to clarify risk and automate administrative and monitoring tasks across the enterprise. Fortress also helps safeguard energy-sector compliance with the following NERC CIP standards:

Power Utilities 11

Energy companies turn to Fortress to manage cyber risks in the ways these companies most need — tying risk to real-world business impacts and helping improve daily operations, reputational risk, human safety and financial performance.

Recent Executive Orders have shone a light on these vulnerabilities and the critical need to address them in substantive and timely way.

“Over 80%of software components used in today’s applications come from third parties”

2017 Veracode State of Software Security Report

Fortress Services and Technology

third-party risk management

Program Policy Development
Vendor Inventory and Risk Rankings
Business Process Automation
Vendor Assessments
Remediation Management
Continuous Monitoring
Workflow Management
Contract Assessments
Compliance Reporting
Real-time Reporting

vulnerability risk management

Program Development & Management
Vulnerability Visualizations
Asset Management
Asset Classification
Threat Intelligence Correlation & Action
Vulnerability Prioritization
Workflow Automation
Managed Services
Compliance Framework Reporting

operational technology (OT)

Program Development & Mgmt.
Asset Identification, Mgmt. & Classification
Vulnerability and Patch Mgmt.
Remediation Mgmt.
Incident Response
OT Passive Monitoring
OT Process Automation
Managed Services
Compliance Reporting
Reporting & Analytics