A Brief History of Cyber-SCRM

Classic logistics supply chain risk management (SCRM) has always been important, but our new digitally-driven, software enabled, globally sourced information communications technology (ICT) eco-system demands we all pay much closer attention to Cyber-SCRM.  This ISSA Cyber Executive Forum session will be reviewing what the USG and others have been doing to mitigate risks from their global supply chains, starting from pre- US Comprehensive National Cyber Security Initiative Task #11 (CNCI-SCRM) in the early 2000’s, thru 2017 US DHS Broad Operational Directive (BOD 17-01) on Kaspersky Anti-Virus and recent USG “bans” on Huawei and ZTE and more recent DHS/CISA’s new ICT-SCRM Task Force initiatives.

Additionally, the 2020 USG Cybersecurity Solarium Commission Report ( https://s.wsj.net/public/resources/documents/CSC%20Final%20Report.pdf ) calls for us to:  “RESHAPE THE CYBER ECOSYSTEM TOWARD GREATER SECURITY”; “…as technology supply chains have become more complex and global”; we must all, “Increase Support to Supply Chain Risk Management Efforts” and increase “Direct Investments for ICT Industrial Capacity and Trusted Supply”.