Our Approach to
Responsible OT Management
Critical infrastructure security depends on the most up-to-date operational standards and practices. Operators must also ensure that new technologies and software procurement activities have security incorporated into their design. Cumulys is a strong advocate for and implementation partner of security-by-design and cyber-informed engineering principles.
At the same time, Cumulys recognizes that the resources required for securing OT environments may be out of reach for smaller critical asset owners. By building economies of scale and operational best practices into its critical infrastructure community platforms, Cumulys opens up a route for smaller organizations to optimize their OT operations. Cumulys brings tools and resources previously available only to the most sophisticated critical environments to all asset owners.
As an active participant in operating and securing critical assets, Cumulys is subject to applicable compliance enforcement activities, ensuring that we have "skin in the game" along with our customer partners. Because we believe in the effectiveness of our approach, we're comfortable putting our systems and processes up for audit in partnership with our customers.
Why Now?
Cybersecurity fines and penalties for non-compliance are increasing in scope and magnitude.
Cybersecurity compliance is perceived to be a cost of doing business. The question is how to make cybersecurity cost-effective and measurable.
There are over 3000 energy companies in the US energy sector -- setting the stage for economies of scale and leveraging of best practices.
Hiring and retaining qualified OT security and operational practitioners is increasingly difficult for smaller operators. Centralizing talent resources can mitigate this issue.
