March 26, 2018
Understanding how to measure security posture to evaluate risks in a cyber world.
Measuring cybersecurity is more important than ever in a world filled with network connected products and systems. At UL, we were challenged with developing a practical and scalable cybersecurity solution to help guide the future of cybersecurity, but doing so required an understanding of how to truly measure security. UL team of experts, led by Ken Modeste, Director, Connected Technologies, did just that.
After careful evaluation and work with broader industry, government, and academia, UL identified five unique security categories:
- Component Security
- Service Suppliers
- Implementation
- Vendors
- System Security
However, it was not quite that simple. To truly understand and measure security, pain points needed to be identified, the software bill of material concept had to be formed, and we needed to truly understand the global security space. When all of those pieces came together, advisory, testing and certification services to address industry needs were developed in addition to the UL 2900 Series of Standards.
To learn more from Ken himself, click here to watch a presentation.