| Title | Critical Infrastructure Protection and Supply Chain Risk Management |
| Publication Type | Conference Paper |
| Year of Publication | 2022 |
| Authors | Mead, Nancy R. |
| Conference Name | 2022 IEEE 30th International Requirements Engineering Conference Workshops (REW) |
| Keywords | Computer crime, Conferences, critical infrastructure, critical infrastructure protection, cybersecurity, pubcrawl, ransomware, requirements engineering, resilience, Resiliency, risk management, security requirements, supply chain risk management, supply chain security, Supply chains |
| Abstract | Critical infrastructure is a key area in cybersecurity. In the U.S., it was front and center in 1997 with the report from the President's Commission on Critical Infrastructure Protection (PCCIP), and now affects countries worldwide. Critical Infrastructure Protection must address all types of cybersecurity threats - insider threat, ransomware, supply chain risk management issues, and so on. Unsurprisingly, in the past 25 years, the risks and incidents have increased rather than decreased and appear in the news daily. As an important component of critical infrastructure protection, secure supply chain risk management must be integrated into development projects. Both areas have important implications for security requirements engineering. |
| DOI | 10.1109/REW56159.2022.00047 |
| Citation Key | mead_critical_2022 |
Critical Infrastructure Protection and Supply Chain Risk Management