Exostar developed PIM by working closely with many of the world’s largest Aerospace and Defense (A&D) industry firms, forming a Security Steering Committee that includes security and supply chain executives from BAE Systems, Boeing, Lockheed Martin, Northrop Grumman, Raytheon, and Rolls-Royce. PIM’s Cybersecurity module reflects best practices input from these companies that is based on internationally recognized standards.
“Our objective was to bring A&D leaders together, understand their cybersecurity risk management initiatives and progress to date, and build consensus for the optimal approach to improving the industry’s cybersecurity posture going forward,” said Dr. Paul Kaminski, Exostar’s Chairman of the Board. “With PIM, we have created a common platform that A&D supply chain ecosystem partners can jointly use to achieve this much-needed improvement.” The heart of PIM’s Cybersecurity module is a comprehensive questionnaire and evaluation engine. Suppliers complete the questionnaire and are assigned a Security Maturity Level that is a measure of their current capabilities. Buyers get deep visibility into a supplier’s cybersecurity strengths and weaknesses, which lets them assess risk and make better business relationship decisions. Suppliers have a clear roadmap for improvement recognized and accepted by multiple buyers, which allows them to justify the investments required to raise their Security Maturity Level and promote long-term engagements with buyers. Exostar’s Managed Access Gateway (MAG) controls access to PIM, making it the most secure risk management solution on the market, while empowering individuals with a single sign-on user experience. Because MAG brings together over 100,000 A&D organizations worldwide, PIM incorporates a “collect once, share multiple times” supplier engagement methodology. Suppliers can complete or update the cybersecurity questionnaire one time and send it to any buying organization that is part of the Exostar A&D community – reducing the burden on suppliers by eliminating redundancy and enabling buyers to more rapidly obtain critical risk information. “Understanding a supplier’s cybersecurity maturity level allows Lockheed Martin to make informed decisions on how best to manage their risk throughout our global, multi-tier supply chain,” said Jim Connelly, Vice President and Chief Information Security Officer at Lockheed Martin and Chairman of Exostar’s Security Steering Committee. “Exostar’s PIM enables us to implement a consistent, efficient, cost-effective process to measure, assess, and mitigate risk in real-time and over time.”