Security Exchange
Leveraging the Security Exchange Platform
Understanding which standards and best practices should be applied to given project can be challenging task. There are over a thousand requirements applicable to today’s renewable energy projects. Cumulys’ Security Exchange (SX) can help asset owners define the security requirements for given technology project efficiently by illustrating the relationship between standards and enabling the asset owner to define the requirements that make sense for their project.
Goals
Process/Approach
Security by Design
Advisory services to design a secure procurement approach
Product Spec Development
Include the relevant industry and internal reqs
Publish Reqs
Share technical and security controls with partners
Procurement Stds
Create an inventory of procurement spec for tech types
Info Sharing
Participate in a community designed to lower costs
UTC - ARMOR (Adherence and Risk Mitigation for Operational Resilience)
The Security Exchange powered by Cumulys will enable asset owners and vendors to collaborate on cybersecurity priorities and features within telecommunications and network system products. The Security Exchange provides a secure information sharing environment for utilities to post their requirements and for suppliers to demonstrate how they meet a range of standards. Through partnership with the Utilities Technology Council "UTC," the Security Exchange will enable their members and non-members to reduce procurement, vendor, product risk, and due diligence costs through a shared industry resource.
Level I
NATF Questionnaire / Attestation
NIST Software Security Development Framework Attestation
Geo-political Risk Attestation (Enterprise)
Level II
Product Assessment IEC 62443 Part 4.1 (Certification)
Vendor Provided SBOM Report (Quarterly Update)
Geo-political Risk Attestation (Product)
Utility Security Exchange
NATF Questionnaire / Attestation
NIST Software Security Development Framework Attestation
Geo-political Risk Attestation
Product Certification based on IEC 62443 Part 4.1
Vendor Provided SBOM Report
Geo-political Risk Attestation
Launch Partner – UTC
About the Utilities Technology Council
The Utilities Technology Council (UTC) is a global association focused on the intersection of telecommunications and utility infrastructure. UTC gives voice to the men and women in the utility workforce who create and maintain critical communications systems that help keep the lights on, the water and gas flowing. We represent the hands-on folks in the field and control rooms responding to storms, deploying new technologies, and securing energy and water infrastructure from all kinds of threats. UTC sits at the nexus between the energy and telecommunications industries, which are rapidly converging and becoming more interdependent.
