Disney, Depp and the cyber supply chain risk management problem

One field-tested security strategy for information systems and digital content is to address the problem through processes, people and technology. On the process front, all companies involved in the production of digital IP should, by now, be adhering to a proven information security framework that fully addresses supply chain risks. That includes making sure your digital IP is protected at all times, even during post-production (or maybe we should say especially during post-production, given recent incidents).

Fortunately, there is a ready-made cybersecurity framework that companies can use, at no charge, thanks to the US federal government, which has done some sterling work in this area, namely the NIST Cybersecurity Framework.

The current version is a great way to get a handle on your organization’s cybersecurity, and the next version, currently in draft, goes even deeper into the need to maintain cybersecurity throughout the supply chain. For that reason, the draft is worth quoting at length:

“The practice of communicating and verifying cybersecurity requirements among stakeholders is one aspect of cyber supply chain risk management (SCRM). A primary objective of cyber SCRM is to identify, assess and mitigate “products and services that may contain potentially malicious functionality, are counterfeit, or are vulnerable due to poor manufacturing and development practices within the cyber supply chain.”

Read more at Disney, Depp and the cyber supply chain risk management problem

Leave your comments below or contact us for discussions.

Share on FacebookShare on Google+Share on LinkedInTweet about this on TwitterEmail this to someone

Commentary: Managing risk in the global supply chain

The World Economic Forum defines global risk as an uncertain event that, if it occurs, can cause significant negative impact for several countries or industries within the next 10 years.
Global supply chains create both opportunity and risk. Some of the macro issues we face both in day-to-day operations and future planning include cybersecurity, terrorism, climate change, economic instability, and political discord.
More specific to executives who manage global supply chains, risk is more apparent, and on a micro-basis potentially more consequential in the short term, in areas such as but not limited to reducing spend, leveraging sourcing options, creating sustainability, political and currency instability, government regulations in the U.S. and abroad, trade compliance management, free trade agreements, energy costs, and what the incoming Trump administration will mean for global trade.
Since the recession in 2008-2009, we have witnessed a serious uptick in companies worldwide reviewing their operational exposure and then creating risk strategies in managing these vulnerabilities. Risk exposure can negatively impact margin, profits, growth strategies, operational stability and personnel maintenance.
For companies operating in global supply chains the risks are vast, convoluted and often unanticipated. As a result, we tend to be unprepared for the impacts.

Read more at Commentary: Managing risk in the global supply chain

We welcome any kinds of opinions, share it at the comment box below. Subscribe us to get updates in your inbox.

Share on FacebookShare on Google+Share on LinkedInTweet about this on TwitterEmail this to someone