UL, a global safety science organization, announced the debut of its Supplier Cyber Trust Level solution, which helps organizations minimize supply chain cybersecurity risk by focusing on the trustworthiness of suppliers’ security practices.
The UL Supplier Cyber Trust Level analyzes supplier’s security practices across multiple trust categories resulting in a documented supplier Trust Level rating. This rating demonstrates the trustworthiness of a supplier’s security practices across the software and hardware development lifecycle, hosted systems, information management systems and their third-party management.
The UL Supplier Cyber Trust Level assessment enables a holistic view of supplier’s security posture, while providing a fair and consistent evaluation for organizations of the cybersecurity posture from supplier to supplier.
The UL Supplier Cyber Trust Level leverages security controls from many well-known industry best practices, standards and frameworks, including National Institute of Standards and Technology (NIST) cyber supply chain risk management, European Union Agency for Cybersecurity (ENISA) supply chain attacks, North American Electric Reliability Corporation (NERC) Critical Infrastructure Protection (CIP)-013-1 standard, International Electrotechnical Commission (IEC) 20243-1, 62443-4-1 and 62443-2-4 standards and International Organization for Standardization (ISO) 27001 standard, among others.
Helping suppliers to better understand gaps in their security posture, the UL Supplier Cyber Trust Level also helps them implement and strengthen continuous improvement plans and demonstrate and differentiate security strengths to multiple customers and groups of stakeholders. This comprehensive approach in working with both organizations and suppliers helps holistically strengthen the security of supply chains and the digital economy.