The “SolarWinds” event has drawn intense scrutiny of how commercial enterprises as well as government agencies are exposed to threats that can be delivered through the supply chain. The result will be many government initiatives, and new contract requirements, obligating companies to improve and disclose measures taken to assess and minimize supply change risks.
Given the anxiety over secure sources of supply and the damage done by “SolarWinds,” organizations serving federal customers should map the present and expected landscape of SCRM requirements and carefully consider strategy, tools, techniques and implementation to produce strong “SCRM plans,” which meet or exceed acquisition demands.
This program will explore:
- The state of measures taken by federal agencies to protect against supply chain risks
- Lessons known from “SolarWinds” and actionable recommendations to industry
- New and emerging requirements impacting how federal contractors manage their supply chains
- How “CMMC 2.0” may operate at the nexus between SCRM and information security
- NIST and other practices and standards useful to the acquisition community and federal suppliers
- How “Supply Chain Illumination” fits into federal and enterprise supply chain risk management
- Sources of insight and intel into emerging supply chain vectors, threats and attacks
- Practical guidance on SCRM plan structure, sustainment and documentation