Our customer is a $11B Healthcare Manufacturer with Medical Devices, Nutrition and Renal solutions. With more than 7,000 suppliers across the global they had significant exposure their suppliers’ cybersecurity weaknesses.
The Fortune 500 company was liable for cybersecurity incidents due to its large vendor community having access to the company’s systems.
DivIHN created a 21-point Reference Framework for the clauses in the Cybersecurity Addendum. The addendum included content related to Data Security, Security Incidents, Access Controls, Logging and Monitoring, and Standard of Conduct.
DivIHN also devised a repeatable Gap Analysis and Corrective Action Planning methodology based on its IP. The result was a Cybersecurity Addendum to a Legal Contract between the company and its vendors. The addendum included the clauses recommending changes to the legal contracts to improve company’s cybersecurity posture.
The solution that we implemented is expected to significantly improve the Cybersecurity posture of the Fortune 500 company and save unnecessary expenses to the tune of $1M spent on auditing the vendors.