Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Caute_cautim
Community Champion
‎05-14-2022 09:30 PM
‎05-14-2022 09:30 PM

Supply chain a large opportunity for attacks

Hi All

 

Black Asia raises some important questions about supply chain security.

 

https://www.darkreading.com/risk/black-hat-asia-firmware-supply-chain-woes-plague-device-security

 

Regards

 

Caute_Cautim

Reply
1 Reply
CraginS
Defender I
‎05-16-2022 02:13 PM
‎05-16-2022 02:13 PM

The linked article, leading back to the actual original work cited, is a good example of the challenges of supply chain risk management (SCRM) in the cyber world. As background, I worked on the original, nascent  US Defense Department SCRM program when it was still classified as Comprehensive National Cybersecurity Initiative #11. At that time we made the observation, and tried to spread it widely, that in the traditional logistics community supply chain risk is all about risks TO the supply chain, such as damage, theft, delivery delays, transportation issues, intermediate warehouse problems, etc. Markedly different is supply chain risk in the cyber world, where we are concerned with risks THROUGH the supply chain. For our world, the focus is on the reality that the supply chain can become a very effective attack vector against most any operational activity. 

 

The article John linked to, without listing any of the 'important questions" he alluded to, is a good start on becoming aware of how cyber SCRM has become so complex in the past decade.

 

D. Cragin Shelton, DSc
Dr.Cragin@iCloud.com
My Blog
My LinkeDin Profile
My Community Posts
Reply