arrow_forward Back to Full Solution Provider List

Fortress Information Security

Fortress Information Security, based in Orlando, FL, specializes in securing the supply chain and industrial assets of North American critical infrastructure with third party risk management and vulnerability risk management technology solutions and services. Fortress recently launched the Asset to Vendor Network (A2V), a joint venture with American Electric Power (AEP) and Southern Company to establish a collaborative network where member utilities can share cybersecurity information to lower costs and alleviate the burden of compliance for utilities and their vendors.

Products & Services

Data Marketplace: The Asset to Vendor Network (A2V) is a collaborative network of utilities that share cybersecurity intelligence to secure the vast supply chains that deliver bulk-electric power, IT, and mission-critical systems. Fortress Platform:
  • Fortress Platform’s secure vendor portal now automates findings resolution management by providing vendors with findings notifications and reminders based on their planned remediation and evidence collection activities. Alerts from changes in ratings are escalated to findings automatically by preconfigured rules. Ratings are then easily compared between vendors in a new Vendor Scorecard module which can be published to unlimited client users.
  •  Fortress solutions already align with regulatory frameworks such as NIST, ISO, and NERC CIP. Fortress now offers a comprehensive system to track compliance for Cybersecurity Maturity Model Certification (CMMC).
  • Data Driven Risk Ranking (DDRR): Data Driven Risk Ranking offers the ability to prioritize vendor populations quickly and easily by performing an automated scan that returns a score based on a company’s predicted inherent risk and geographical footprint. It also provides alerts for potential relationships to entities banned by emerging regulations such as NDAA 889.
  • File Integrity Assurance (FIA)- File Integrity Assurance provides real-time patch source verification and patch integrity validation, providing another layer of protection for software updates.

Industries Served

  • Energy
  • Government
  • Pharmaceuticals
  • Healthcare
  • Finance
  • Transportation

Clients Include

  • American Electric Power
  • Southern Company
  • NiSource
  • Hitachi ABB Power Grids
  • Xcel Energy

Client Testimonials

“Utilities have a long history of working together to overcome challenges and securing our mutual supply chain through A2V [the Asset to Vendor Network] is just the latest example. A2V offers the opportunity for companies to collaborate and help share expertise and best practices.”


-Tom Wilson, Vice President and Chief Information Security Officer for Southern Company

“The A2V [Asset to Vendor Network] Platform provides a superior solution to resolving our third-party risk challenges. The A2V platform provides us with the tools we need to manage third party risk, and the shared information lowers our operating cost. The A2V Network is a great group of companies, and we are proud to participate, especially in these times of change in the cybersecurity industry. We champion information sharing as the best way to improve cybersecurity while minimizing operating costs.”

- Mike Rozsa, Chief Information Officer at NiSource

“Power utilities need to work together to accomplish our shared goal of a secure power grid. A2V offers the opportunity for companies to collaborate and help mitigate the significant costs of protecting the grid.”

- Stephen Swick, Director of Cybersecurity Intelligence and Defense for American Electric Power
Fortress Information Security | Quartz Events Quartz Events

Quartz Events is the fastest growing producer of invitation-only, executive summits in North America. We help leaders get things done.