EDITOR ’ S QUESTION
EDWARD TUORINSKY , CEO AND PRESIDENT , DTS
“
Are you certified ?” may become the most used phrase in business this year . I predict cybersecurity compliance will be a significant growth opportunity for 2025 , specifically cybersecurity supply chain risk management ( C-SCRM ).
Assessing and managing the cybersecurity risk of all partners with whom you share data connections is an important part of each company ’ s security posture . Bad actors prey on the weakest link , often smaller companies , intending to gain access to a bigger , more lucrative company ’ s system . companies can make . While cyberdefences can barely keep up with evolving threats , supply chain security bolsters the entire ecosystem .
What will it mean to vet your supply chain ? Asking for proof that the company has controls in place and is following policies and procedures to protect people , data and systems . With non-disclosures in place , we ’ ll see companies asking for System Security Plans and third-party certifications like ISO , SOC or CMMC . We ’ ll also hear about organisations cutting ties with those who don ’ t have the documentation or aren ’ t up to standards .
Believe it or not , C-SCRM is trending because of the US Government ’ s Department of Defence ( DoD ). After years of cyberattacks , breaches and viruses , programs across the Federal government are helping secure the country ’ s critical infrastructure by establishing baseline cybersecurity standards for contractors , but with wide-ranging implications .
The DoD ’ s Cybersecurity Maturity Model Certification ( CMMC ) requires all 200,000 + contractors to prove that they meet minimum cybersecurity standards to qualify for new or renewing contracts . As mandates trickle down , thousands of subcontractors , vendors and suppliers to these companies will need proof of their security compliance , too .
Cybersecurity wasn ’ t part of the conversation with partners and vendors five years ago . Today , the regulatory environment and the need to secure the country ’ s critical infrastructure have made it an imperative . Look for cybersecurity to be a major area for growth in 2025 .
LOOK FOR CYBERSECURITY TO BE A MAJOR AREA FOR GROWTH IN 2025 .
Federal mandates for contractors represent a significant area for growth for commercial markets . Companies may find their supply chains are demanding that they invest in cybersecurity that meets national standards and documentation or certification audits that prove their security .
Companies with long-standing or niche supply chains have been reluctant to cut ties with a partner or supplier over cybersecurity , but I think we ’ ll see that change this year . Risk is a powerful motivator , and vetting your supply chain is one of the most cost-effective cybersecurity moves
www . intelligentcxo . com
21