CompTIA CySA+ CS0-003: Supply Chain

Computers these days are built from numerous hardware and software parts that are developed worldwide. For security reasons, government officials require strict reporting of how a product was developed before purchasing it. Supply chain risk management requires thorough reviews of third-party vendors to ensure there are no vulnerabilities.

Supply chain security involves more than just cyber and requires numerous policies to ensure security is not compromised. From setting compliance standards for all manufacturers, suppliers, and distributors to establishing backup and recovery plans, it requires a lot of work all around. There have been many instances where data was breached because third-party software and hardware were compromised through poor security practices, or because counterfeit hardware was embedded with malware. It’s always good not only to implement standards but also to have a review team that audits.