< Back to Blog
Panorays and SANS Collaborate on Whitepaper and Webcast
Panorays News

Panorays and SANS Collaborate on Whitepaper and Webcast

By Yaffa Klugerman Sep 11, 20192 min read

Panorays has collaborated with the SANS Institute to produce “Success Patterns for Supply Chain Security,” a whitepaper authored by noted analyst John Pescatore, which was also the subject of a recent webcast.

The paper explores different patterns and key components of supply chain security effectiveness. It focuses on defining where organizations stand with their supply chain security and how they can progress towards more effective approaches.

In particular, Pescatore covered five elements of a successful supply chain security program. They include:

Find a Friend

Security must have a champion in the management chain responsible for supply chain decisions, such as a board member, CEO, COO or head of procurement. This person should try to find areas where increased supply chain security aligns with business metrics, plans and strategies.

Discovery of Suppliers

You can’t secure what you don’t know is there; and if you know it is there, you must be able to detect when risk status changes. For this reason, it’s important to be aware of all supply chain partners, conduct regular assessments of vulnerabilities and detect any changes in exposure.

Mix of Assessment Approaches at Scale

A “one-size-fits-all” risk assessment approach will not work for most businesses. A mix of techniques is necessary to support both business responsiveness demands and to enable more continuous monitoring of risk levels. These techniques include vendor questionnaires, external risk-rating services, shared assessments and active testing. An effective supply chain security program will require a combination of these capabilities.

Extension of Dashboard/Reporting to BU and IT Managers

Supply chain security processes and tools should provide visibility into current risk views to non-security personnel and enable them to incorporate risk information in their decision-making processes. If your organization already uses some standard approach for rating the financial or viability risk of suppliers and partners, the supply chain security reporting and monitoring should ideally integrate into that.

Closing the Loop

Years ago, the manufacturing industry learned that quality programs couldn’t succeed just by rejecting low-quality suppliers; they also had to close the loop to drive all suppliers to adopt higher-quality processes. An effective supply chain security program must include feedback to vendors and visibility into the results of assessments and ratings to drive improvement overall.

Want to learn more? Click here to download the complete whitepaper. 

humbnail
Yaffa Klugerman

Yaffa Klugerman is Content Manager at Panorays. She enjoys writing about the cyber world, drinking too many cappuccinos and arguing about the use of serial commas.

You may also like...
Protecting Yourself From Third-Party Cloud Vulnerabilities
Mar 10, 2021 Protecting Yourself From Third-Party Cloud Vulnerabilities Giora Omer
Why We Are Proud to Be Recognized in Forrester’s New Wave™
Mar 01, 2021 Why We Are Proud to Be Recognized in Forrester’s New… Yaffa Klugerman
Panorays Recognized as a Strong Performer by Independent Research Firm in Cybersecurity Risk Ratings Platforms Report
Mar 01, 2021 Panorays Recognized as a Strong Performer by Independent Research Firm… Yaffa Klugerman
Get our latest posts straight to your inbox Subscribe

We use cookies to ensure you get the best experience on our website. Visit our Privacy Policy for more information.