Cyber Security Readiness Rating Program

A centralized and simple approach to risk management assessment

PROBLEM

The mining sector relies on third parties to deliver products and services across the sector. With the uptick in cyber security incidents, mining companies are needing to assess additional risks a supplier may bring, typically through the dreaded cyber security questionnaire. 

A simpler solution now exists.

  • Suppliers: Fill out one form; viewed by many companies
  • Mining companies: Less forms makes assessing vendors forms manageable. MM-ISAC members will be able to rely on the program to assess their potential vendors, alleviating the effect required in-house. It provides a reliable assessment, built by the MM-ISAC member companies.

MINIMIZING RISK WITH THE MM-ISAC CYBER SECURITY READINESS RATING

Address the increasing security risk within the mining and metals industry supply chain:

  • cyber security risk rating for vendors
  • identifies risk management capabilities
  • assessment of governance and technical capabilities, risk and safety culture

The result is a cyber security readiness rating that identifies high-level security and privacy facts that provide security and threat risk assurance which can be leveraged by organisations during the vendor screening and selection process.

Suppliers fill out one questionnaire for potential business with multiple companies.

HOW IT WORKS

Step 1. IDENTIFY SUPPLIER PERSONAS

The questionnaire categorizes suppliers into a pre-determined set of personas based on their demographic details.

Step 2. THREAT MODELLING

Map the supplier’s persona to potential threat vectors from our threat library to identify relevant security domains to assess.

Step 3. SUPPLIER SECURITY ASSESSMENT

Suppliers complete a persona-relevant set of questions to identify security capabilities and maturity.

Step 4. ASSIGNMENT OF MATURITY RATING

A risk analyst reviews the findings against industry leading standards and provides a readiness rating for the vendor based on the capability maturity model.

THE PROCESS

Submit once, reach many

JOIN THE PROGRAM!

The cost to join is USD$5,000. By joining this program you are joining a community. Whether you need guidance to help improve your rating or simply want to be part of an industry body that is building a cyber security approach to mining, the MM-ISAC is here to help you! The rating is shared with all MM-ISAC members but the full report is sent to you alone – for you to share with whoever you wish. 

Interested to learn more? Questions?
Send a Request to:
 Programs@mmisac.org

MM-ISAC Cyber Security Readiness Rating Program

Note: The rating is shared with all MM-ISAC members but the full report is sent to you alone – for you to share with whoever you wish.