There’s a prevailing trend to force organizations into looking more closely at their Cybersecurity – Supply Chain Risk Management (C-SCRM). Key regulations, both here in the U.S. and in the EU, are beginning to require more certifications, reporting, and direct responsibility from government and private entities as well as software manufacturers. All of these are aimed at enhancing trust and resilience in supply chain security.
More regulations
First, let’s look at why there’s more of a push to bolster standards and add more regulations relevant to C-SCRM. In today’s interconnected landscape, organizations rely on suppliers and vendors having real-time access to systems and physical devices. In the operational technology (OT) world, this often means vendors having access to maintain and support systems such as power generation plants, water treatment, and automated manufacturing equipment. For many manufacturers or utility companies, this may mean access from multiple vendors, all with their own supply chains and risks.
These multiple vendors in a distributed supply chain present some significant…