Webinar: Cyber Supply Chain Risk Management Overview

Thursday, November 15, 2012

Event Overview

National Institute of Standards and Technology (NIST) recently held a workshop on Information and Communication Technology (ICT) Supply Chain Risk Management (SCRM).  ICT SCRM is an emerging discipline that addresses the risks from physically dispersed supply chain for ICT products and services to the organizations telecommunications and IT infrastructure.  Organizations that acquire ICT products and services are often not aware of where the individual hardware and software components originate and how they were put together.  As a result the rigor of practices used to create ICT products and services is not visible to the organization that acquires a product or a service therefore creating a risk to this organization.  To date, ICT SCRM efforts have been focused on US government, defense, IT and telecommunications sector with a minimal participation by the utilities industry.  With the increased reliance on telecommunications network, components, and services, the ICT SCRM challenge is applicable to the utilities industry as well as to the telecommunications and IT industry.  A number of recent articles and reports underscore the relevance of ICT supply chain to the critical infrastructure industry, including utilities.  This webinar will discuss ICT SCRM as a problem space and provide an overview of standards and best practices developed to date.