Hero Diamond Background

Schneider Electric

Collaborating to manage vendor risk with BitSight Advisors.

Organizations globally are experiencing expansion in their third-party network, and Schneider Electric is no exception. Schneider Electric is a global leader in energy management and industrial automation, with a network of over 52,000 third parties making them a potential target for bad actors.

View Case Study
Button Arrow
Schneider Electric

Collaborating to manage vendor risk with BitSight Advisors.

Organizations globally are experiencing expansion in their third-party network, and Schneider Electric is no exception. Schneider Electric is a global leader in energy management and industrial automation, with a network of over 52,000 third parties making them a potential target for bad actors.

“BitSight’s Advisors are so proactive and collaborative that we have decided to integrate them as an extension of our team.”

Mansur Abilkasimov
Deputy Global CISO, VP of Cybersecurity & Governance, Schneider Electric

With a strong push towards digital transformation, organizations across the world are growing their network of partners and vendors, in search of value-added products and services. In today’s “everything as a service” business environment powered by digital, data, AI, ML and Cybersecurity, Schneider Electric is not an exception. With an ecosystem of ~52,000 suppliers, Schneider Electric’s threat landscape is evolving rapidly, and so is the risk profile of each supplier.

Schneider Electric’s Cybersecurity Strategy and Governance teams (further “team” in the text) led by Mansur Abilkasimov, Deputy Global CISO, Vice President in charge of Cybersecurity strategy, integrated BitSight’s Third-Party Risk Management technology and advisory capabilities into their company’s wider third-party cyber risk management initiative.

Schneider Electric uses BitSight to facilitate:

  • Trusted data and analytics to evaluate partners’ cybersecurity posture & hygiene
  • Measured success of the supplier cyber program via easy-to-read reports
  • Professional & risk-driven supplier interactions for continuous improvement
  • A single platform shared with suppliers to remediate risks (enabled by BitSight Enable Vendor Access (EVA) technology)

When implementing the Third-Party Cyber Risk Management capabilities from BitSight, Schneider Electric aimed to gain comprehensive and actionable insights into supply chain risks, and get ahead of potential threats targeting their expanding supply chain ecosystem. Monitoring the most critical suppliers with trusted and actionable Security Ratings helps proactively reduce risk, but is not enough if the team is not looking at remediation.

Schneider Electric utilizes BitSight’s Advisor Services to support their third-party risk remediation needs. BitSight Advisors are alerted when critical supplier scores drop, or when pre-determined risk vectors are triggered. With BitSight, Schneider Electric was able to quickly and effectively manage risks targeting their supply chain without extending resources to train new team members. BitSight Advisors were already familiar with Schneider Electric’s program and could proactively identify remediation and reporting opportunities to best work for the team.

BitSight’s Advisors are so proactive and collaborative that we have decided to integrate them as an extension of our internal team.” continues Mansur. When alerts happen, Schneider Electric is able to flag risks and grant the supplier complimentary access to the BitSight platform to help them reduce risks efficiently across the value chain.

"Our vision is to foster trust in the value chain. That is only possible with robust cyber conversations with our partner ecosystem. That is the reason why we use BitSight technology and advisory capabilities, among other means, as part of those conversations"

Mansur Abilkasimov
Deputy Global CISO, Vice President in charge of Cybersecurity strategy, Schneider Electric

Schneider Electric’s cybersecurity management does not end with Third-Party Cyber Risk Management. The team also leverages BitSight for Security Performance Management (SPM) to monitor the security performance of the company and its non-integrated subsidiaries.