Herndon, VA—Dec. 8, 2015—Exostar, a provider of cloud-based solutions that help companies in aerospace and defense, life sciences, and healthcare mitigate risk and solve their identity and access challenges, announced the availability of Partner Information Manager (PIM), a new, modular solution that continuously measures risk across a business’s extended value chain. With the launch of PIM and its cybersecurity module, organizations throughout the enterprise—from procurement, contracting and information technology (IT) to compliance, security and the C-suite—have the information they need to build and manage their supply chains, assess potential vulnerabilities, and initiate steps to protect their intellectual property, reputations and revenue streams.
Exostar developed PIM by working closely with many of the world’s largest aerospace and defense (A&D) industry firms, forming a Security Steering Committee that includes security and supply chain executives from BAE Systems, Boeing, Lockheed Martin, Northrop Grumman, Raytheon and Rolls-Royce. PIM’s cybersecurity module reflects best-practices input, which is based on internationally recognized standards, from these companies.
“Our objective was to bring A&D leaders together, understand their cybersecurity risk management initiatives and progress to date, and build consensus for the optimal approach to improving the industry’s cybersecurity posture going forward,” said Dr. Paul Kaminski, Exostar’s chairman of the board. “With PIM, we have created a common platform that A&D supply chain ecosystem partners can jointly use to achieve this much-needed improvement.”
The heart of PIM’s cybersecurity module is a comprehensive questionnaire and evaluation engine. Suppliers complete the questionnaire and are assigned a security maturity level that is a measure of their current capabilities. Buyers get deep visibility into a supplier’s cybersecurity strengths and weaknesses, which lets them assess risk and make better business relationship decisions. Suppliers have a clear roadmap for improvement recognized and accepted by multiple buyers, which allows them to justify the investments required to raise their security maturity level and promote long-term engagements with buyers.
Exostar’s Managed Access Gateway (MAG) controls access to PIM, making it the most secure risk management solution on the market, while empowering individuals with a single sign-on user experience. Because MAG brings together over 100,000 A&D organizations worldwide, PIM incorporates a collect-once, share-multiple-times supplier engagement methodology. Suppliers can complete or update the cybersecurity questionnaire one time and send it to any buying organization that is part of the Exostar A&D community—reducing the burden on suppliers by eliminating redundancy and enabling buyers to more rapidly obtain critical risk information.
“Understanding a supplier’s cybersecurity maturity level allows Lockheed Martin to make informed decisions on how best to manage their risk throughout our global, multi-tier supply chain,” said Jim Connelly, vice president and chief information security officer at Lockheed Martin, and chairman of Exostar’s Security Steering Committee. “Exostar’s PIM enables us to implement a consistent, efficient, cost-effective process to measure, assess, and mitigate risk in real time and over time.”