Supply chain security is challenging due to the inherent complexity of global supply chains. The challenge of supply chain security programs is the ability to manage the interdependencies of hardware, software, firmware, and the human relationships and factors that introduce the product into your environment. In Secure SCM, you are only seen as a snippet of code lifted from Github by a coder paid for by a junior developer through an odd-job posted on Fiverr.
This same complexity was inherent when the Open Systems Interconnection (OSI) model set a standard communication and data processing structure that is used today. We will propose a model to articulate supply chain risk, mitigating controls, and a risk scoring methodology for the security of the supply chain.
Articulate the complex process of supply chain management.
Identify a model to manage supply chain risk.
Define mitigating controls and a risk scoring methodology for supply chain security risk.
Sr. Director, IT Security,
Cystic Fibrosis Foundation
CISSP, SSCP, CISA, CPP,
Chief Information Security Officer,
NextEra Energy, Inc.