Cybersecurity

Software Supply Chain Risk Management: Leveraging Standards to Communicate Expectations

Posted: 10/26/2018 - 00:41
Growing concerns related to dependencies on software-reliant information communications technology (ICT) and Internet of Things (IoT) devices are pushing changes in governance associated with supply chain risk management (SCRM). The possibility of disruption exists because the software that enables critical capabilities is vulnerable and exploitable. Exploit potential is often more about the vulnerability of assets in target organizations than the ingenuity of the attackers.

Time to Worry about your Software Supply Chain?

Posted: 10/09/2018 - 00:07
Software has become crucial to every industry. Yet ensuring the software system you are buying or licensing is authentic and free from defect or malware is a challenge. The QA procedure in old-school manufacturing is to test a random set of newly delivered widgets for their compliance with approved specifications. But you can’t really take the same simple approach with software.

The Power of Collaboration

Posted: 05/12/2018 - 00:02

Members of RMA’s Third-Party Risk Management Round Table are experienced leader-practitioners, individually and collectively creating emerging best practices in third-party risk management. As the round table’s facilitator, subject matter expert, and member of the Steering Committee, it’s exciting and rewarding for me to be integral to this evolution.

Intelligent Automation Inspires New Plans For Onshoring

Posted: 11/04/2017 - 03:01

Offshoring and outsourcing don’t exist in a vacuum. These are processes that take advantage of and are influenced by technology, politics and the larger economy. Look at the last big round of offshoring at the start of the century. It didn’t just “happen” without any reason. Very specific changes facilitated this age of outsourcing.

The tip of the infosec iceberg?

Posted: 03/21/2017 - 08:12

Recent stories by, amongst others, the BBC detailing large, well-organised and presumably very profitable scamming organisations targeting UK TalkTalk customers have hardly helped the already-lowly reputation of offshore contact centres - but may unfortunately be only the tip of a perilous iceberg.

What your suppliers aren’t telling you (and why you should worry)

Posted: 02/28/2017 - 07:20

In a multi-partner service delivery model, transparency and visibility are essential to an effective security and supplier risk management (SRM) strategy. Yet a wide range of evidence suggests that this transparency is sorely lacking in many cases. According to a study by the independent Ponemon Institute, 73 per cent of suppliers that experience a data breach don’t notify other vendors in the supply chain, while more than a third (37 per cent) of suppliers don’t notify their customers.

Contracting for emerging technologies: change with the changes

Posted: 02/21/2017 - 05:15

Emerging technology services have revolutionised the sourcing industry. These disruptive technologies like autonomics, interface technologies, big data analytics and other computing technologies have permitted smaller companies to successfully challenge established incumbent businesses. Specifically, as incumbents focus on improving their products and services for their most demanding (and usually most profitable) customers, they may exceed the needs of some segments and ignore the needs of others.
