Register

Supply Chain Security

Connected operational environments have led to rising cybersecurity risks throughout the supply chain, prompting an increased need to focus on and develop appropriate response strategies, policies, processes, and procedures. Enterprises must identify, assess, select, and implement Risk Management processes while mitigating appropriate controls. These measures would help manage cybersecurity risks throughout the supply chain.

Identifying cybersecurity risks throughout the supply chain is complicated by the information asymmetry that exists between organizations, their suppliers, and service providers. As a result, organizations must build their cybersecurity supply chain risk considerations and requirements into their acquisition processes and highlight the importance of risk monitoring. In addition, as cybersecurity risks can crop up at any point in the lifecycle or within any link in the supply chain, organizations must also consider “potential” vulnerabilities.

EU releases Network Code on Cybersecurity for electricity sector to boost resilience, cross-border protection
EU releases Network Code on Cybersecurity for electricity sector to boost resilience, cross-border protection
The European Union has released the inaugural EU Network Code on Cybersecurity for the electricity sector, marking a significant advancement in enhancing the cyber resilience of vital EU energy infrastructure and services. This publication is a crucial supplement to Regulation…
Strengthening industrial supply chain security by addressing challenges, strategies, collaborative initiatives
Strengthening industrial supply chain security by addressing challenges, strategies, collaborative initiatives
Bringing about cybersecurity and protecting across the industrial supply chain involves working through a maze of challenges and complexities that can make even the most seasoned professionals break a sweat. Integration of digital technologies, while undoubtedly boosting efficiency, opens the…
Claroty reports critical OT assets vulnerable to internet exploitation; release of xDome Secure Access
Claroty reports critical OT assets vulnerable to internet exploitation; release of xDome Secure Access
Claroty, an industrial cybersecurity firm, revealed that 13 percent of the most critical OT (operational technology) assets are inadequately connected to the Internet. In a comprehensive analysis of over 125,000 OT assets, Claroty's Team82 researchers identified that 3.7 percent were…
New data from GHD Digital revealed critical infrastructure under siege amidst rising cyber threats, vulnerabilities
New data from GHD Digital revealed critical infrastructure under siege amidst rising cyber threats, vulnerabilities
New GHD Digital research revealed that critical infrastructure systems face a growing wave of sophisticated cyber threats, with threat actors targeting vulnerabilities in aging operational technology (OT) systems. About nine in ten critical infrastructure organizations, such as those involved in…
HHS’ ARPA-H launches UPGRADE program to enhance hospital cyber resilience
HHS’ ARPA-H launches UPGRADE program to enhance hospital cyber resilience
The U.S. Department of Health & Human Services (HHS), through its Advanced Research Projects Agency for Health (ARPA-H), has introduced the Universal PatchinG and Remediation for Autonomous DEfense (UPGRADE) program. The move works to bring together equipment manufacturers, cybersecurity experts,…

Industrial Cyber Experts

Jonathon Gordon
Enhancing industrial cybersecurity by tackling threats, complying with regulations, boosting operational resilience
Organizations across the industrial cybersecurity space are constantly dealing with challenges including software breaches, hardware vulnerabilities, supply chain... Read full story
Sinclair Koelemij
Vulnerability handling according to the European Cyber Resilience Act (CRA)
So far, cybersecurity regulations in Europe have been primarily driven by the NIS2 regulations. The NIS2 regulations are... Read full story
Kevin Kumpf
Addressing complexities of zero trust implementation in OT/ICS environments to bolster cybersecurity
Incorporating a zero-trust framework into OT (operational technology) and ICS (industrial control system) environments becomes imperative in addressing... Read full story
Tom Alrich
Navigating industrial cyber threats with SBOMs, VEX, CSAF for enhanced supply chain resilience
A significant rise in cybersecurity threats and attacks, particularly targeting software supply chains, has led to heightened scrutiny... Read full story
Experts

More Supply Chain Security posts:

Slicing through Biden’s NSM-22 amidst ongoing need to shore up critical infrastructure security and resilience
Slicing through Biden’s NSM-22 amidst ongoing need to shore up critical infrastructure security and resilience
Vulnerabilities in GE Healthcare Vivid ultrasound system could allow malicious insiders to install ransomware, access patient data
Vulnerabilities in GE Healthcare Vivid ultrasound system could allow malicious insiders to install ransomware, access patient data
Elevating industrial cybersecurity: Insights from the 2024 RSA conference
Elevating industrial cybersecurity: Insights from the 2024 RSA conference
Global alarm intensifies as state-sponsored cyberattacks raise risks to critical infrastructure, national security
Global alarm intensifies as state-sponsored cyberattacks raise risks to critical infrastructure, national security
CISA issues ICS advisories covering hardware vulnerabilities in Rockwell, Mitsubishi Electric equipment
US CISA issues ICS advisories on hardware vulnerabilities in Rockwell Automation, alpitronic, Delta Electronics
Transnational cybersecurity agencies release guidance on secure procurement of digital products, services
Transnational cybersecurity agencies release guidance on secure procurement of digital products, services

Join the Industrial Cyber Community

Get the latest breaking OT/ICS news, access the resources and participate in our ICS Forum.
Register