BoostAeroSpace Partners with usd for AirCyber Maturity Assessments

18. October 2023

In today’s business world, organizations rely on a broad network of partners and service providers to efficiently render their services. While in many cases suppliers make critical contributions to the success of an organization, they can also pose a significant security risk: Due to their smaller size and limited internal resources, suppliers are particularly vulnerable to cyberattacks. Successful attacks on an organization’s supply chain can have devastating consequences and bring the entire organization to a halt. As such, it is important for organizations to take proactive measures to protect themselves and their supply chain against these threats.

BoostAeroSpace, a hub for digital platforms to collaborate and secure data exchanges within the supply chain of the Aerospace & Defense industry in Europe, has recognized this critical situation. To combat the threat, BAS launched its AirCyber Program in 2018. AirCyber aims to enhance cybersecurity across the entire supply chain of the global Aerospace and Defense sector by standardizing and harmonizing the level of cyber protection throughout the industry.

AirCyber has developed a standardized and tool-based assessment approach to evaluate the cyber maturity of industry suppliers. Each supplier initially performs a self-assessment in the form of a questionnaire. The results of this self-assessment are then confirmed by means of an onsite assessment performed by an experienced IT security assessor.

“For mission critical projects such as our AirCyber Program, working together with skilled assessor companies is crucial”, says Romain Bottan, Chief Information Security Officer at BAS. “In usd, we have found a partner with outstanding assessment experience of relevant security standards and an expert workforce large enough to perform a significant number of assessments on short notice.”

Starting with France-based suppliers in 2018, BAS has initiated an effort to onboard suppliers from across Europe to its AirCyber program since 2021. As part of this initiative, more and more suppliers will be evaluated for their cyber maturity over the coming years. As a partnered assessor company, usd’s overall objective is to enable efficient cyber maturity assessments through a cooperative assessment approach tailored to BAS’ requirements, needs and wishes.

“We are consistently pursuing this objective by optimizing the existing assessment processes and by contributing new improvements from our extensive assessment experience”, says Anna-Magdalena Kohl, usd Team Lead Sales. “The core of our assessment services is always to improve our client’s security as a whole and to conduct security assessments our clients can perceive as an opportunity rather than an obligation.”


About BoostAeroSpace

BoostAeroSpace SAS, was founded by Airbus, Dassault Aviation, Safran and Thales with the mission to federate and facilitate exchanges between ALL the players in the sector of Aerospace and Defence. BoostAeroSpace offer international standardised value-added services and digital solutions adapted to ALL players in order to increase the competitiveness and the resilience of the European Aerospace and Defence industry.

BoostAeroSpace develops, sells and deploys secured products or services for Supply Chain in the domain of cyber security and Client – Supplier relationship and promotes and markets a range of collaborative and secured services, developed and sold by services providers, in the domains of Product Lifecycle Management (PLM), Supply Chain Management (SCM) and global collaboration.

https://boostaerospace.com/about-boostaerospace/

Also interesting:

DORA Countdown: One Month Left Until the Deadline

DORA Countdown: One Month Left Until the Deadline

DORA, the Digital Operational Resilience Act, will fully apply as of 17 January 2025. We have summarized everything you need to know about the EU regulation, preparation and best practices from our news blog.

Sunset of PCI DSS v4.0 on 31 December 2024: Get Ready!

Sunset of PCI DSS v4.0 on 31 December 2024: Get Ready!

PCI DSS v4.0: In March 2024, version 4.0 of the Payment Card Industry Data Security Standard became mandatory after a two-year transition phase. Just a few months later, version 4.0.1 was released as a minor update of the standard, which will become mandatory on...

Top 3 Vulnerabilities in SSO Pentests

Top 3 Vulnerabilities in SSO Pentests

During their penetration tests (pentests), our security analysts at usd HeroLab repeatedly uncover vulnerabilities that pose significant risks to corporate security. They increasingly encounter the same vulnerabilities. Our blog series "Top 3 Vulnerabilities" presents...

Categories

Categories