Security by design
Security by Design
Ensures that critical infrastructure technology purchases have security integrated into the product’s core features. Cumulys is a strong supporter of security-by-design and cyber-informed engineering principles and has designed its platform to enable those core concepts.
Included in the Security Exchange Platform is the capability to enable asset owners to coordinate with providers, suppliers, and related third party organizations to identify and comply with the standards and requirements needed to mitigate risks on the project.
A customizable portal for each major procurement activity to coordinate with interested 3rd parties to communicate and share cybersecurity requirements.
The partners (3rd parties) can demonstrate their compliance level to the procurement requirements via a compliance narrative and example evidence of controls, certification, or attestation (as defined by purchasing entity)
Purchasing entities can privately post their own standards or use the Cumulys engine to define, select and publish relevant standards for a given project.
Remediation, compliance and continuous monitoring will be handled by the Cumulys Compliance Automation engine.
