fbpx

Supply Chain Integrity Month

April brings us spring weather, tax filing deadlines, and also supply chain integrity month.  

 

US-CERT is helping to call attention to an important risk that all organizations face.  Per the US-CERT posting (https://www.us-cert.gov/ncas/current-activity/2019/04/01/Supply-Chain-Integrity-Month):

 

The Cybersecurity and Infrastructure Security Agency (CISA), the Office of the Director of National Intelligence (ODNI), and the Department of Defense (DOD) are partnering to promote the importance of supply chain security and risk management. Breaches in the supply chain provide an opportunity for malicious software or hardware to be installed on equipment. Lack of awareness or validation of the legitimacy of hardware and software presents a serious risk to users’ information and the overall integrity of a network environment.

 

Despite the risk that the supply chain introduces into organizations, it is all too often a problem that is approached inefficiently and ineffectively.

 

The Office of the Director of National Intelligence summarizes the problem quite well (https://www.dni.gov/index.php/ncsc-what-we-do/ncsc-supply-chain-threats):

 

These adversaries exploit supply chain vulnerabilities to steal America’s intellectual property, corrupt our software, surveil our critical infrastructure, and carry out other malicious activities. They infiltrate trusted suppliers and vendors to target equipment, systems, and information used every day by the government, businesses, and individuals.

 

Of course, the problem extends well beyond just government and critical infrastructure.  It extends into all industries and sectors. Yet, organizations can hardly be faulted for paying Vendor Risk Management (VRM) less attention than it deserves.  Historically, VRM has been an area lacking creative, efficient, and helpful technological solutions. Instead, it has been an area overwhelmed by manual, labor-intensive processes that can’t possibly assess, manage, and mitigate the risk that the supply-chain poses.

 

At IDRRA, we believe in helping organizations efficiently and effectively tackle VRM.  It’s our passion, and it’s what drives and energizes us day-to-day. Our industry-leading platform takes the pain and headache out of the VRM process, allowing organizations to focus on reducing supply-chain risk.

 

Every month should be supply-chain integrity month, and with IDRRA, it is.  There is no time like the present to make the most of supply-chain integrity month and to get your VRM program off the ground.  In fact, IDRRA (https://idrra.com/) can help you get started – register for a free account today.

Supply Chain Risk Monitoring as a Service
Join us today
Supply Chain Risk Monitoring as a Service
Join us today
Waitlist signup

Welcome to Findings

Let's go over some details to setup your tailor-made account


Please fill your details below and click "Next" to create your account:

Payment

Feature
Startup
Business
Enterprise
Price
$10 / Month
$10 / Month
$25 / Month
VDPaaS
Alerts
Assessments
Integrated Apps
API
Join today and scan ALL YOUR VENDORS for FREE*
* FREE VENDOR SCAN for all of your vendors during your first month.
Feature
Startup
Business
Enterprise
Price
$25 / Month
$200 / Month*
Contact Us
Free vendors scan for 1 month
Findings search engine
Rapid security and compliance profile
Profile/showcase engagements per year
5
40
Unlimited
Multi/unlimited showcase use cases
Showcase compliance badge for your website
Best practice self-assessment
1 Findings or 1 BYOC
Assessment response automation
Personalizable, branded security & compliance showcase page
File/evidence repository
OKTA
DKIM
Out-of-the-box TPRM
20 vendors +
20 rating scans
50 vendors +
50 rating scans
Support
Email
Priority via Phone / Email
Internal Workflows (SO/BO)
Onboarding and customization account setup
*Price for every 40 engagements
Automate assessment response and showcase your cybersecurity posture
Supply Chain Risk Monitoring as a Service
Join us today
.
.
.
.

Thank you for signing up!

Supply Chain Risk Monitoring as a Service
Join us today
.
.
.
.

Thank you for signing up!