Ebook details
TPRM-Driven Supply Chain Cybersecurity. Connecting TPRM and supply chain security for operational resilience
Eric Richardson, Filipi Pires
Modern organizations rely on complex vendor ecosystems, but third-party risk management (TPRM) and cybersecurity often operate in silos. This book shows how to connect vendor risk management with supply chain cybersecurity using a practical, lifecycle-driven approach.
You’ll design a program covering onboarding, vendor risk assessment, continuous monitoring, and offboarding. You’ll begin by examining why TPRM and cybersecurity often operate in separate lanes, and what that gap costs in downtime, breach impact, and compliance exposure. Next, you’ll develop a modern taxonomy of supply chain risk, including fourth-party dependencies and software supply chain concerns, so risk discussions use consistent categories and measurable assumptions.
From there, you’ll adopt a lifecycle-based model to structure vendor onboarding, assessment, monitoring, and offboarding—supported by vendor tiering, segmentation, and control mapping. The final chapter focuses on the regulatory blueprint: how to interpret NIST C-SCRM, ISO/IEC 27036, DORA, GDPR, and Executive Order 14028, then convert them into evidence-driven controls and audit-ready documentation.
- 1. The Disconnect — TPRM vs. Cybersecurity in the Supply Chain
- 2. The New Attack Surface — A Taxonomy of Supply Chain Risks
- 3. The Foundational Framework — A TPRM-Driven Security Lifecycle
- 4. The Regulatory Blueprint — Navigating Key Frameworks
- Title: TPRM-Driven Supply Chain Cybersecurity. Connecting TPRM and supply chain security for operational resilience
- Author: Eric Richardson, Filipi Pires
- Original title: TPRM-Driven Supply Chain Cybersecurity. Connecting TPRM and supply chain security for operational resilience
- ISBN: 9781806708109, 9781806708109
- Publication date: 2026-05-29
- Format: Ebook - EPUB
- Item identifier: e_4yt5
- Publisher: Packt Publishing