NIST announces the publication of NISTIR 8272, Impact Analysis Tool for Interdependent Cyber Supply Chain Risks. This document describes a tool developed to fill the gap between an organization's risk appetite and supply chain risk posture by providing a basic measurement of the potential impact of a cyber supply chain event. This tool does not represent a complete supply chain risk management solution, but is intended to be integrated into or used in concert with tools such as third-party management, enterprise resource planning, and supply chain management efforts.
Security and Privacy: analytics, cybersecurity supply chain risk management