Register

Supply Chain Security

Connected operational environments have led to rising cybersecurity risks throughout the supply chain, prompting an increased need to focus on and develop appropriate response strategies, policies, processes, and procedures. Enterprises must identify, assess, select, and implement Risk Management processes while mitigating appropriate controls. These measures would help manage cybersecurity risks throughout the supply chain.

Identifying cybersecurity risks throughout the supply chain is complicated by the information asymmetry that exists between organizations, their suppliers, and service providers. As a result, organizations must build their cybersecurity supply chain risk considerations and requirements into their acquisition processes and highlight the importance of risk monitoring. In addition, as cybersecurity risks can crop up at any point in the lifecycle or within any link in the supply chain, organizations must also consider “potential” vulnerabilities.

DoD proposes CMMC 2.0 rule to enhance cybersecurity in defense industrial base, seeks comment
DoD proposes CMMC 2.0 rule to enhance cybersecurity in defense industrial base, seeks comment
The U.S. Department of Defense (DoD) is proposing to amend the Defense Federal Acquisition Regulation Supplement (DFARS) to incorporate contractual requirements related to the proposed Cybersecurity Maturity Model Certification (CMMC) 2.0 program rule, Cybersecurity Maturity Model Certification program. The proposed…
CISA publishes Software Acquisition Guide to add software assurance in C-SCRM lifecycle
CISA publishes Software Acquisition Guide to add software assurance in C-SCRM lifecycle
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) recently released a guide that consolidates relevant software assurance guidance and frameworks into a single document and enables stakeholders to navigate through these requirements in a clear, concise manner. The Software Acquisition…
US security agencies focus on protecting critical supply chains from foreign adversarial exposure
US security agencies focus on protecting critical supply chains from foreign adversarial exposure
The ODNI (Office of the Director of National Intelligence) and NCSC (National Counterintelligence and Security Center) identified that cyber supply chain challenges are intensifying with profound implications for U.S. national security and economic resilience. It also recognized that collaboration with…
Intensifying focus on advancing product security in OT and ICS environments amid escalating cyber threats
Intensifying focus on advancing product security in OT and ICS environments amid escalating cyber threats
From a vendor's perspective, the rising cyber threats and attacks have put a sharp focus on the need for product security within OT and ICS environments. It puts vendors in a position with challenges related to how best to implement…
Cybersecurity advisory warns of espionage by DPRK's Andariel group targeting global critical sectors
Cybersecurity advisory warns of espionage by DPRK’s Andariel group targeting global critical sectors
Global security agencies issued a cybersecurity advisory on Thursday, highlighting cyber espionage activities linked to the Democratic People’s Republic of Korea (DPRK)’s Reconnaissance General Bureau (RGB) 3rd Bureau, located in Pyongyang and Sinuiju. The bureau encompasses a state-sponsored cyber group…

Industrial Cyber Experts

Tony Turner
Intensifying focus on advancing product security in OT and ICS environments amid escalating cyber threats
From a vendor’s perspective, the rising cyber threats and attacks have put a sharp focus on the need... Read full story
Ilan Barda
Analyzing role of C-Level executives, management in enhancing cybersecurity within industrial sectors
Securing C-Level buy-in is becoming increasingly crucial for implementing cybersecurity measures across industrial and operational environments. Support from... Read full story
Jonathon Gordon
Enhancing industrial cybersecurity by tackling threats, complying with regulations, boosting operational resilience
Organizations across the industrial cybersecurity space are constantly dealing with challenges including software breaches, hardware vulnerabilities, supply chain... Read full story
Sinclair Koelemij
Vulnerability handling according to the European Cyber Resilience Act (CRA)
So far, cybersecurity regulations in Europe have been primarily driven by the NIS2 regulations. The NIS2 regulations are... Read full story
Experts

More Supply Chain Security posts:

New EU risk assessment report assesses cybersecurity in Europe's telecommunications, electricity sectors
New EU risk assessment report assesses cybersecurity in Europe’s telecommunications, electricity sectors
OTORIO report reveals significant disruption from cyber attacks, growing concerns in OT security landscape
OTORIO report reveals significant disruption from cyber attacks, growing concerns in OT security landscape
Dragos details novel FrostyGoop ICS malware using Modbus TCP to disrupt OT operations worldwide
Dragos details novel FrostyGoop ICS malware using Modbus TCP to disrupt OT operations worldwide
Unique malware identified in Panchan botnet with advanced persistence techniques
Unique malware identified in Panchan botnet with advanced persistence techniques
Increased focus to bolster cybersecurity stance across global energy supply chains, as attacks rise
Increased focus to bolster cybersecurity stance across global energy supply chains, as attacks rise
UK set to debut Cyber Security and Resilience Bill to boost national cyber defenses, secure critical infrastructure
UK set to debut Cyber Security and Resilience Bill to boost national cyber defenses, secure critical infrastructure

Join the Industrial Cyber Community

Get the latest breaking OT/ICS news, access the resources and participate in our ICS Forum.
Register