Page 5 - CSA Cybersecurity Brochure Aug12

Page 5 - CSA Cybersecurity Brochure Aug12_2019

P. 5

CYBERSECURITY develop specific test programs
VERIFICATION PROGRAM supporting an effective security
(CVP) culture for their connected
It is increasingly common for solutions. The three steps include:
purchasing organizations such
as hospitals or retail developers 1. A self-assessment of
to have procurement language security activities using a
requesting information about the structured template developed
security of connected devices by CSA Group.
they are acquiring. Because they
are purchasing items from across 2. CSA Group conducts an audit
a variety of industries — from of the information presented in
smart lighting to wireless printers the self-assessment template
The CSA — there is a need for a common and provides feedback on
any gaps, which helps to
procurement language that
Group Difference applies to these varied products. affirm a current level of
CSA Group’s CVP is a major step cybersecurity maturity within
Rely on an internationally in this direction, and it has been the organization and product.
recognized company with leveraged by several industry
over 100 years of expertise verticals as a standardized 3. CSA Group can also perform
product security testing using
and knowledge. From our security framework. either voluntary international
early beginnings developing Using our CVP model, a standards or a custom test plan
standards for railway manufacturer can demonstrate appropriate for the IoT solution.
bridges to today’s latest the sophistication or maturity
sustainable technologies, level of processes and products, Completing all three steps can
provide the richest evidence to
we’re always looking forward which then helps provide determine security maturity at
security evidence for IoT
and developing innovative solutions. Investing the organization and solution
standards and testing in this program as (product) level.
programs for the most a manufacturer
advanced and emerging makes it easier for The maturity level of each
cybersecurity activity is
network owners to
technologies. Drawing on evaluate and choose assessed so that an
our industry accreditations, your products. It organization can assert their

our customer-focused contributes to reduced security maturity in relationship
experts can create custom overall risk to best practices. The maturity
levels of the CVP range from Level
solutions that meet your from cyber threats and helps you 0 to Level 3, where Level 0 means
increase your attractiveness to
unique testing, inspection, the market as a cyber-mature no evidence exists of the basic
and certification needs. vendor of connected solutions. controls needed to protect the
That’s how we’re holding the organization or its products,
future to a higher standard. CVP – 3 STEPS while Level 3 affirms a
This three-step program allows well-established process for
manufacturers to identify security implementation
security activities employed for with continuous support and
their IoT solutions, understand security enhancements.
their existing maturity level, and

csagroup.org

1 2 3 4 5 6