May 18, 2021
Hosted by Bonnie D. Graham
The Buzz 1: “Indirect attacks against weak links in the supply chain now account for 40 percent of security breaches.” (Accenture Security / Third State of Cyber Resilience Report, www.ironnet.com)

The Buzz 2: “Cybersecurity in the supply chain cannot be viewed as an IT problem only. Cyber supply chain risks touch sourcing, vendor management, supply chain continuity and quality, transportation security and many other functions across the enterprise and require a coordinated effort to address.” (csrc.nist.gov)

In a renewed focus on supply chain risk management and protection, and to vet their suppliers’ cybersecurity maturity, the US Department of Defense and federal government have established the Cybersecurity Maturity Model Certification (CMMC). Direct suppliers and others will be required to reach a prescribed level of maturity and be certified by a third party just to qualify to do business with state and federal agencies. Industry observers expect these requirements will be adopted in the commercial space to mitigate supply chain risk there as well.

Heads-up to all CFOs: Not attaining CMMC certification for your supply chain cybersecurity may impact your ability to drive revenue and to do business. We’ll discuss why CFOs need to focus on supply chain management’s impact on cash flow, working capital and shareholder value; best practices for supply chain risk management; the importance of these federal and state guidelines; and how to identify, define, and automate the essential data handling and security controls for sensitive data within the supply chain.

We’ll ask Keyaan J. Williams at CLASS-LLC, Keng Lim at NextLabs and Anne Marie Colombo at SAP for their take on CFOs: Get Ready for Cybersecurity Maturity Model Certification!