An Analysis of the Design of the Cybersecurity Maturity Model Certification (CMMC) and Its Direct Effect on Supply Chain Management-Reference-Cited by-同舟云学术

An Analysis of the Design of the Cybersecurity Maturity Model Certification (CMMC) and Its Direct Effect on Supply Chain Management

Published:2023-09-11 Issue: Volume: Page:220-243
ISSN:2327-3372
Container-title:Advances in Human Resources Management and Organizational Development
language:
Short-container-title:

Author:

Muller S. Raschid¹^ORCID

Affiliation:

1. Capitol Technology University, USA

Abstract

This chapter addresses the rationale behind commissioning the Cybersecurity Maturity Model Certification by the Department of Defense to address critical supply chain issues that directly affect services provided by contractors. The fourth pillar of cybersecurity was added to the existent three-pillar model (cost, schedule, and performance) to significantly lower risk to the supply chain. Scenarios addressed in the chapter identify the need for its immediate implementation. Recommendations were made based on the literature about informing the supply chain community of the impact of cybersecurity's lack of awareness on its overall effect on business continuity and impact.

Publisher

IGI Global

Reference62 articles.

1. Banerjee, A. (2022). National Institute of Standards and Technology guidance: Defending against software supply chain attacks. Riscosity. https://www.riscosity.com/nist-guidance-defending-against-software-supply-chain-attacks/

2. BizClik Media. (2020). Accenture: Building supply chain resilience amidst COVID-19. Supply Chain Digital. https://supplychaindigital.com/supply-chain-2/accenture-building-supply-chain-resilience-amidst-covid-19

3. Cyber Defense Q. C. D. Corporation (CYDEF). (2021). The human factor: The hidden problem of cybersecurity. https://cydef.ca/blog/the-human-factor-the-hidden-problem-of-cybersecurity/#:~:text=Human%20Factor%20in%20Cybersecurity,of%20human%20errors%20adds%20up

4. Cybersecurity and Infrastructure Security Agency. (2019). Security tip (ST04-006): Understanding patches and software updates. https://www.cisa.gov/uscert/ncas/tips/ST04-006

5. Cybersecurity and Infrastructure Security Agency. (2021). Cyber threat source description. https://www.cisa.gov/uscert/ics/content/cyber-threat-source-descriptions#terror