Developing Supply Chain Capabilities Through Digitalization and Viability for Controlling the Ripple Effect

The COVID-19 pandemic affected all industries and presented manufacturing firms with enormous challenges, with considerable changes in consumer demand for goods and services. Supply chain management disruption caused by the COVID-19 outbreak resulted in several socio-economic roadblocks. The slow propagation of disruption risk results in a ripple effect along the entire chain. The lack of resilience and risk management capability is the prime cause, attributed to the unavailability of digital resources, skills, and knowledge. 

Manipulating Supply Chain Demand Forecasting With Targeted Poisoning Attacks

Demand forecasting (DF) plays an essential role in supply chain management, as it provides an estimate of the goods that customers are expected to purchase in the foreseeable future. While machine learning techniques are widely used for building DF models, they also become more susceptible to data poisoning attacks. In this article, we study the vulnerability of targeted poisoning attacks for linear regression DF models, where the attacker controls the behavior of forecasting models on a specific target sample without compromising the overall forecasting performance.

Manufacturer’s Contexts, Supply Chain Risk Management, and Agility Performance

The dynamism of the current business environment emanates significant challenges and disruption risks for supply chains. These vulnerabilities in contemporary supply chains have motivated a substantial academic focus on supply chain risk management (SCRM). In the empirical literature on SCRM, a firm’s external environment is conceptualized as a source of risk, and various organizational and technological factors are discussed as influencers of SCRM.

Cybersecurity Reference and Resource Guide

2019 Cybersecurity Resource and Reference Guide_DoD-CIO_Final_2020FEB07

The purpose of this document is to provide a useful reference of both U.S. and International resources, in order to develop cybersecurity programs and to build and maintain strong network protection. Extensive reference materials exist that support efforts to build and operate trusted networks and ensure information systems maintain an appropriate level of confidentiality, integrity, authentication, non-repudiation, and availability. The resources compiled here support security cooperation and shared best practices to help achieve collective cybersecurity goals. This guide provides readily available and unclassified information pertaining to cybersecurity norms, best practices, security cooperation, policies and standards authored and adopted by the United States (U.S.) government, the U.S. Department of Defense (DoD), and recognized international institutes and workforce development training resources provided by government, industry, and academia.

Aspects related to Cyber Supply Chain Risk Management in the document:

Cyber Supply Chain Risk Management (SCRM) is the process of identifying, assessing, and mitigating the risks associated with the distributed and interconnected nature of information and operational technology product and service supply chains. It covers the entire life cycle of a system (including design, development, distribution, deployment, acquisition, maintenance, and destruction) as supply chain threats and vulnerabilities may intentionally or unintentionally compromise an information and operational technology product or service at any stage.

Website: https://csrc.nist.gov/Projects/Supply-Chain-Risk-Management

NIST SP 800-161, Supply Chain Risk Management Practices for Federal Information Systems and Organizations, April 2015

Federal agencies are concerned about the risks associated with information and communications technology (ICT) products and services that may contain potentially malicious functionality, are counterfeit, or are vulnerable due to poor manufacturing and development practices within the ICT supply chain. These risks are associated with the federal agencies' decreased visibility into, understanding of, and control over how the technology that they acquire is developed, integrated, and deployed, as well as the processes, procedures, and practices used to assure the integrity, security, resilience, and quality of the products and services. This publication provides guidance to federal agencies on identifying, assessing, and mitigating ICT supply chain risks at all levels of their organizations. This publication integrates SCRM into federal agency risk management activities by applying a multi-tiered, SCRM-specific approach, including guidance on supply chain risk assessment and mitigation activities.

Website: https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-161.pd

Cybersecurity and Information Systems Digest

Cybersecurity & Information Systems Information Analysis Center (CSIAC)
14 DECEMBER 2021

The Digest is a newsletter intended to provide readers with a greater awareness of the latest research and development trends in the four technical focus areas supported by CSIAC while also highlighting recent CSIAC activities, services, and products.

Find the latest issue at this link:

14 DECEMBER 2021 – CSIAC