A new RAND Corp. report highlights the need for the defense industrial base to take a comprehensive approach when it comes to addressing cybersecurity and supply chain risk management and look at the consequences of cyberattacks, Federal News Network reported Wednesday.
“So, taking that more comprehensive approach, thinking about consequences and thinking about consequences, not just for information, but its consequences for supply chain functionality … And so thinking about the functionality of your supply chain, whether or not you’re able to get what you need when you need it. Not just about the security of the information itself,” said Victoria Greenfield, a senior economist at RAND, told FNN.
Greenfield discussed one of the findings of the report: that a conflict between cybersecurity and SCRM could result in an increase in cyberattacks.
“In conventional SCRM…you would think, ‘Alright, I’m going to make my supply chain less risky by adding more potential suppliers, bringing more businesses and expanding my rolodex,’” Greenfield noted.
“What does that do from a cyber perspective? You have potentially increased the points of attack, … And so you may, from a cyber perspective, be making things riskier,” she added.