As a way to encourage stakeholders and partners to pursue rigorous supply chain risk management (SCRM) solutions, the Cybersecurity and Infrastructure Security Agency (CISA) and a mix of federal and industry partners are highlighting SCRM as the recipe for resilience in this National Supply Chain Integrity month.
This April marks the sixth annual event of its kind, and includes themed weeks meant to raise awareness, provide information and overall support an improved security focus nationwide. The first week will focus on the essentials, while the second will highlight resources for small and medium-sized businesses. It will then focus on the trustworthiness of vendors and suppliers, and finally, it will dive into common supply chain threats.
“The past few years have taught us how disruptive events can have cascading supply chain impacts on American businesses and the public,” Mona Harrington, CISA Assistant Director for the National Risk Management Center, said. “As organizations introduce technology into their operations, they must take a comprehensive approach in their strategy for supply chain resilience, which includes being smart about their procurement process, knowing who makes up their extended supply chains, and applying basic cyber hygiene. Government and industry must work together to shift from a reactive to a proactive approach for supply chain risk management.”
Overall, the message can be broken down into the simple adage: the chain is only as strong as its weakest link. Vulnerabilities in information and communications technology (ICT) can and have been exploited, CISA noted, and the consequences can have rippling effects not just within a business, but across whole sectors and national critical functions.