Home Industry News Cyber needs to be a part of supply chain...

Cyber needs to be a part of supply chain risk management, federal agency says


Supply chain threats and vulnerabilities are adversarial and unintentional, so companies have to be cognizant of both, said Jon Boyens, deputy chief of the computer security division at the National Institute of Standards and Technology (NIST), during a virtual panel hosted by the National Cybersecurity Center of Excellence (NCCoE) Thursday.

Risks in the supply chain are typically found at an intersection of traditional information security and traditional logistics-based supply chain.  It’s also the products NIST considers counterfeit products, hardware and software delivered with vulnerabilities, insider threats, and networks shared with partners as different types of cybersecurity risks to the supply chain. Other risks that are less directly related to cyber include poor quality control and maintenance in products and services.

Related Posts

Latest Updates