Panel to Examine Cyber Security Supply Chain Issues

Thursday, April 14, 2011

Marjorie Morgan


Former DHS Secretary Chertoff and Maj. Gen. Meyerrose (Ret.) Ask ISA to Join Them at National Press Club Event on Supply Chain

Former DHS Secretary Michael Chertoff, former Chief Information Officer for the U.S. Intelligence Community Dale Meyerrose, and Internet Security Alliance (ISA) President Larry Clinton will host a panel discussion moderated by Bloomberg Government Technology Editor Allan Holmes at the National Press Club Thursday, April 21 at 8:30am to highlight the serious cyber security supply chain problems our nation faces.

ISA launched its cyber security supply chain risk management project in 2007. The ISA mission is to integrate advanced technology with economics and public policy to create a sustainable system of cyber security.

“It is critical that any cyber security policy candidly address the economic issues that are the drivers of modern security practices,” said ISA President Clinton.

“Economics are driving both industry and government to adopt increasingly sophisticated technologies, which raise serious new security issues. It is simply impractical to suggest these new technologies will not be adopted and dangerous to suggest that the problems can be managed with a set of government determined technical standards.  We need to evolve a 21st century system that pragmatically addresses the technological, economic and public policy issues from both an industry and government perspective,” said Clinton.

The ISA has issued a series of reports on supply chain management in conjunction with Carnegie Mellon University in 2008 and the U.S. Cyber Consequences Unit in 2009.

The 2009 report established a framework for cyber supply chain management, which was cited in the Obama Administration’s “Cyberspace Policy Review.”  ISA is currently developing detailed procedures to carry out this framework and expects to produce a third report on the issue later this year.

The Chertoff Group offered to host ISA’s most recent supply chain management workshop in San Francisco in February and then offered, along with Harris Corporation’s Cyber Integrated Solutions business, to have ISA president Clinton share the stage with the former Secretary and the former Intelligence Community CIO and retired Air Force Major General.

“I’m naturally honored to share the stage with former Secretary Chertoff and former Major General Meyerrose and hope that we can together help drive adoption of a sustainable system of supply chain management in conjunction with our government partners,” said Clinton.

Possibly Related Articles:
Service Provider
Government Internet Security Alliance Cyber Security DHS Supply Chain ISA
Post Rating I Like this!
Don O'Neill Studies on global software competitiveness reveal that offshore outsourcing is an asymmetric tactic that delivers a competitive advantage. As global enterprises increasingly seek to achieve competitiveness on the cheap, global outsourcing is becoming more widespread. But due diligence is needed if success is to be achieved. It is especially necessary to exercise due diligence in anticipating and avoiding the risks and threats that could occur through the use of the Global Supply Chain.

The Trusted Pipe™ architecture is an approach to offshore outsourcing that will enable management and engineering personnel (“intelligent middlemen”) located in offshore areas to facilitate the exchange of multi-dimensional messages spanning subjects that are cultural, technical and legal rights and remedies, software engineering and various other business skills, from buyer to seller [O’Neill 04]. Primarily, the Trusted Pipe™ will manage a network of global enterprises (GE) seeking to outsource software development and operations offshore to offshore vendors (OV). There are two major types of control points (CP), at least one GECP that operates in the U.S. and manages the network of global enterprises seeking to outsource software development and operations offshore and at least one OVCP that operates in the target country and manages the network of outsource vendors.

The object is to minimize the risks and maintain the benefits of an economic globally based enterprise that deals with software producers in off shore nations that would otherwise be barred by adverse risks associated with such global enterprises.

® Trusted Pipe is registered with the U.S. Patent and Trademark Office by Don O’Neill

[O’Neill 04] Title of invention “Business management and procedures involving intelligent middleman”, Inventor Donald O’Neill, Publication Number US20060015384 A1, Submission Date July 14, 2004
Don O'Neill Innovation enables an enterprise to elevate its offerings in the software stack. To ignore innovation is to risk falling into commodity status… and offshoring. Innovation in the industrial age was achieved through individual genius; in the knowledge age, from collaborative activity.

Innovation Management (TIM) based on the Smart Pipe™ architecture is organized to encourage innovation within the U.S. software industry and to advance the competitive development of the enterprise by renovating functional tasks and activities and accelerating the innovation management capability and capacity needed to substantially increase innovation in both the production and use of systems and software. It is specifically focused on the systems engineering and software engineering roles and capabilities needed to systematically collaborate in the cross discipline intersection between producer and consumer.

The Smart Pipe™, tiered process will synthesize the interconnected layers or contexts formed by innovators who generate ideas, brokers who manage ideas and idea development, and buyers who use ideas for the benefit of the enterprise. The three tiers operate to identify innovative ideas and specify their value in multiple dimensions using an Innovation Value Statement, to judge and select the most promising value statements and to identify refinements intended to increase their benefit, and incorporate the best ideas in the business strategy and ongoing development in order to improve the competitiveness and profitability of the business and the value of the enterprise.

The three processes span onshore and offshore operations. The innovators in tier 1 include both global enterprise personnel and outsourced personnel who might be all onshore, all offshore, or some onshore and some onshore. The committee of brokers in tier 2 includes global enterprise personnel who are expected to be onshore. The buyers in the marketplace in tier 3 include global enterprise personnel who are expected to be onshore.

® Smart Pipe is registered with the U.S. Patent and Trademark Office by Don O’Neill

[O’Neill 05] Title of Invention “Business management and procedures involving a smart pipe of tiered innovation management teams”, Inventor Donald O’Neill, Publication Number US20070016886 A1, Submission Date June 27, 2005
Don O'Neill With the emergence of Global Software Development as a business model to produce software products rapidly enough to dominate their niches in a globally competitive workplace, there is a need to obtain the deepest possible understanding of global software competitiveness and the leading indicators that permit systematic reasoning about it.

An enterprise wishing to advance its global software competitiveness needs a framework to organize these leading indicators and a mechanism to assess its readiness to compete. While the framework rewards those who effectively compete with others, it reserves extreme rewards for those who dominate their niche. Mere competition is distinguished from competitiveness.

Global competitiveness in software is accomplished by setting the enterprise direction, providing the fuel, and controlling the businesses environment. Over seventy leading indicators selected to support the strategic management of enterprise global software competitiveness form the basis for the Global Software Competitiveness Program. Assessments assist an enterprise in pinpointing strengths and weaknesses in the software competitiveness of its product lines.

Value Points within product lines are identified, and leading indicators are assessed to determine global software competitiveness. A Value Point is a computer program or software system within an enterprise product line that is strategically essential to the competitiveness of the enterprise. Once identified, Value Points are tagged as strategic assets subject to the rigors of the enterprise strategic planning process. The competitive enterprise is the one that exerts sufficient control over its suppliers, customers, competitors, and event threats.
The views expressed in this post are the opinions of the Infosec Island member that posted this content. Infosec Island is not responsible for the content or messaging of this post.

Unauthorized reproduction of this article (in part or in whole) is prohibited without the express written permission of Infosec Island and the Infosec Island member that posted this content--this includes using our RSS feed for any purpose other than personal use.