April is National Supply Chain Integrity Month, and the Cybersecurity and Infrastructure Security Agency (CISA) is promoting a call to action to strengthen companies’ supply chains. This week, we would like to update you with two new supply chain topics and resources: Assessing ICT Trustworthiness and Understanding Supply Chain Threats. These two go hand in hand because protecting your company’s information requires understanding not only your company’s immediate supply chain, but also assessing your trust with outside vendors and suppliers. According to a recent study by the ICT SCRM Task, Building A More Resilient ICT Supply Chain: Lessons Learned During The COVID-19 Pandemic, the pandemic exposed how some manufacturing companies were unprepared for disruptions due to their reliance on lean inventory models and a lack of understanding of the operations of their junior tier suppliers and where they are located. The consequences of a supply chain disruption can be costly and pose unique security threats.
The ICT SCRM Task Force’s resources can help you better understand the supply chain and efficiently manage your resources:
- Mitigating ICT Supply Chain Risks with Qualified Bidder and Manufacturer Lists: This report provides organizations a list of criteria and factors that can be used to inform a company’s decision to build or rely on a qualified list for the acquisition of ICT products and services.
- Vendor SCRM Template: This template provides a set of questions regarding an ICT supplier/provider’s implementation and application of industry standards and best practices that can help guide supply chain risk planning in a standardized way.
- Threat Scenarios Report: This report helps companies ensure they have security measures in place to mitigate against the most common supply chain threats.
To learn more about supply chain risk management resources, download Part 1: The Fundamentals of Cybersecurity as part of the NTCA Cybersecurity Series. The NTCA Cybersecurity Series is a comprehensive guide consisting of four components designed to help telco executives, board officers and operational staff develop a risk-management approach to cybersecurity. These components are designed to work together to help improve cybersecurity practices and will complement a series of free webinars for NTCA members held throughout 2021. For more information on the next webinars, visit the Cybersecurity Series website.