Software Engineering Institute

An effective cybersecurity program is constructed on a foundation of robust risk management. This includes the third-party risk management practices required to mitigate the supply chain risks recently realized in the SolarWinds hack.  This talk explores how CERT’s recently released OCTAVE FORTE risk management model can be applied to enterprise and supply chain risk management.