The 3 most common attack paths used by hackers are:
1. People
2. Software
3. Supply chain (the topic of this article - click Read More below)
Supply Chain Risk Management (SCRM) is a critical part of every organizations cyber defenses. Proactively preventing tainted software from being acquired and installed can save millions of dollars and the pain that comes with recovery from a cyber-incident, not to mention damage to reputation and business disruptions that can result from a successful cyber-attack. An organization must take steps to proactively prevent tainted software products and risky vendors from being used in cyber ecosystems. The March 20 FERC SCRM meeting will be an important test to see if harmonized SCRM standards will be possible across critical infrastructure in the US.