We Cannot Blindly Reap the Benefits of a Globalized ICT Supply Chain.

摘要

Information and Communication Technology (ICT) Supply Chain Risk Management (SCRM) seeks to manage and mitigate cyber and supply chain risk throughout an acquisition and sustainment lifecycle for an element or a system. It is a multi-disciplinary challenge that requires contributions and collaboration among many disciplines. Key areas include systems engineering, system security engineering, information security, software development, application security, supply chain and logistics planning and management, IT resiliency, and risk management. While many areas are making great strides in developing and implementing best practices and tools to combat their individual cyber challenges, it is imperative for successful enterprise risk management to view the challenge holistically and align common best practices and initiatives, some from/for the public sector and some from/for the private sector.