NORTHBROOK, IL – UL has rolled out a new assessment program to help organizations minimize supply chain cybersecurity risk by focusing on the trustworthiness of suppliers' security practices.
UL Supplier Cyber Trust Level analyzes supplier's security practices across multiple trust categories, resulting in a documented supplier trust level rating. This rating demonstrates the trustworthiness of a supplier's security practices across the software and hardware development lifecycle, hosted systems, information management systems and their third-party management.
UL Supplier Cyber Trust Level assessment enables a holistic view of supplier's security posture, while providing a fair and consistent evaluation for organizations of the cybersecurity posture from supplier to supplier.
"Cybersecurity for connected technologies is a major risk that impacts manufacturers, service providers, suppliers and end product ecosystems," said Isabelle Noblanc, global vice president and general manager of the Identity Management and Security division at UL. "A supplier's security-oriented culture, security processes and practices and secure R&D environments are all critical when validating supplier security. UL understands this significance and continues to help organizations with IoT cybersecurity offerings that address end products, ecosystems and now – with the launch of our Supplier Cyber Trust Level – supply chains."
UL Supplier Cyber Trust Level leverages security controls from many industry best practices, standards and frameworks, including National Institute of Standards and Technology cyber supply chain risk management, European Union Agency for Cybersecurity supply chain attacks, North American Electric Reliability Corp. Critical Infrastructure Protection (CIP)-013-1 standard, International Electrotechnical Commission 20243-1, 62443-4-1 and 62443-2-4 standards and International Organization for Standardization (ISO) 27001 standard.
"The Covid-19 outbreak has made it clear how vulnerable supply chains can be. Although the Covid-19 situation has exposed vulnerability related to the availability of supply chains, it has also raised further awareness that cybersecurity is another prominent threat to supply chains worldwide. The UL Supplier Cyber Trust Level solution will help companies globally to better secure their supply chains and help bring safer products to the market."