The dynamism of the current business environment emanates significant challenges and disruption risks for supply chains. These vulnerabilities in contemporary supply chains have motivated a substantial academic focus on supply chain risk management (SCRM). In the empirical literature on SCRM, a firm’s external environment is conceptualized as a source of risk, and various organizational and technological factors are discussed as influencers of SCRM.
Cybersecurity Reference and Resource Guide
2019 Cybersecurity Resource and Reference Guide_DoD-CIO_Final_2020FEB07
The purpose of this document is to provide a useful reference of both U.S. and International resources, in order to develop cybersecurity programs and to build and maintain strong network protection. Extensive reference materials exist that support efforts to build and operate trusted networks and ensure information systems maintain an appropriate level of confidentiality, integrity, authentication, non-repudiation, and availability. The resources compiled here support security cooperation and shared best practices to help achieve collective cybersecurity goals. This guide provides readily available and unclassified information pertaining to cybersecurity norms, best practices, security cooperation, policies and standards authored and adopted by the United States (U.S.) government, the U.S. Department of Defense (DoD), and recognized international institutes and workforce development training resources provided by government, industry, and academia.
Aspects related to Cyber Supply Chain Risk Management in the document:
Cyber Supply Chain Risk Management (SCRM) is the process of identifying, assessing, and mitigating the risks associated with the distributed and interconnected nature of information and operational technology product and service supply chains. It covers the entire life cycle of a system (including design, development, distribution, deployment, acquisition, maintenance, and destruction) as supply chain threats and vulnerabilities may intentionally or unintentionally compromise an information and operational technology product or service at any stage.
Website: https://csrc.nist.gov/Projects/Supply-Chain-Risk-Management
NIST SP 800-161, Supply Chain Risk Management Practices for Federal Information Systems and Organizations, April 2015
Federal agencies are concerned about the risks associated with information and communications technology (ICT) products and services that may contain potentially malicious functionality, are counterfeit, or are vulnerable due to poor manufacturing and development practices within the ICT supply chain. These risks are associated with the federal agencies' decreased visibility into, understanding of, and control over how the technology that they acquire is developed, integrated, and deployed, as well as the processes, procedures, and practices used to assure the integrity, security, resilience, and quality of the products and services. This publication provides guidance to federal agencies on identifying, assessing, and mitigating ICT supply chain risks at all levels of their organizations. This publication integrates SCRM into federal agency risk management activities by applying a multi-tiered, SCRM-specific approach, including guidance on supply chain risk assessment and mitigation activities.
Website: https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-161.pd
Cybersecurity and Information Systems Digest
Cybersecurity & Information Systems Information Analysis Center (CSIAC)
14 DECEMBER 2021
The Digest is a newsletter intended to provide readers with a greater awareness of the latest research and development trends in the four technical focus areas supported by CSIAC while also highlighting recent CSIAC activities, services, and products.
Find the latest issue at this link:
Defense Technical Information Center (DTIC) Library
Access the latest supply chain reports and information at this link:
Application of AI in SCM or Supply Chain 4.0
Learning from supply disruptions caused by SARS-CoV-2: use of additive manufacturing as a resilient response for public procurement
The SARS-CoV-2 pandemic has had severe effects on economies worldwide and, in particular, on public institutions that must keep their operations running while supply chains are interrupted. The purpose of this study is to examine how public institutions act during a pandemic to ensure the security of supply.
How the Covid-19 pandemic has affected, and will affect, operations and supply chain management research and practice
The Covid-19 pandemic has caused significant impacts at all levels – societal, organizational and personal. At the time of writing, there has been a significant death toll worldwide with many nations still gripped by restrictions put in place to mitigate the impact of the virus. Some countries are beginning to recover, although the impacts will be felt for many years. Rather than writing a reflection piece on the EurOMA conference that was held virtually in 2020, we thought it best to consider how the pandemic has impacted research and practice in operations and supply chain management (OSCM).
Performance Assessment of Oil Supply Chain Infrastructure Subjected to Hurricanes
The petroleum industry in the United States relies heavily on facilities in hurricane-prone regions, such as the Gulf Coast. Past hurricanes have demonstrated the vulnerability of petroleum supply chains to these extreme events; however, models are lacking for hurricane performance assessment of petroleum supply chain infrastructure. In this study, a probabilistic framework is presented for the performance assessment of oil supply chain infrastructure (OSCI) subjected to hurricane events, spanning from a methodological definition to implementation to opportunities and needs. The framework leverages Bayesian networks for probabilistic analysis of connectivity and flow within the oil supply chain, alongside fragility functions for physical damage and functionality assessment of supply chain components. A literature survey is conducted to identify the tools enabling the proposed framework. Application of the method for probabilistic assessment of tightly interrelated oil supply chains subjected to hurricane events is demonstrated with a representative OSCI comprised of platforms, ports, pipelines, refineries, storage facilities, power, and transportation infrastructure. In addition to investigating the impact of alternative levels of hazard exposure and the effectiveness of different mitigation actions, the framework affords the potential for Bayesian updating as new data come online regarding the component performance or product availability/flow. The proposed framework can provide a foundation to support risk mitigation and resilience enhancement efforts in the petroleum industry.
DOE: Securing the United States Bulk-Power System
Pursuant to Executive Order 13920 (E.O. 13920) issued May 1, 2020, titled “Securing the United States Bulk-Power System,” the Department of Energy (DOE or the Department) is seeking information to understand the energy industry’s current practices to identify and mitigate vulnerabilities in the supply chain for components of the bulk-power system (BPS).
Counterfeit Parts Prevention Strategies Guide
This document is intended to be a valuable guide for all contractors and suppliers, regardless of tier, to facilitate implementation of an effective counterfeit electronic parts avoidance and detection system, thereby reducing risk within government products. By increasing awareness and fostering collaboration throughout the supply chain, the risk of inadvertently procuring and using counterfeit parts at any level within the supply chain can be prevented.