FIND ALL YOUR CYBER SECURITY ANSWERS ON OUR WIKI PAGE
The Cert2Connect wiki for a clear overview of terminology and the many abbreviations in the cyber, cloud and software security landscape.
SUPPLY CHAIN SECURITY
-
Advanced Persistent Threat (APT)
Advanced Persistent Threat (APT) is a term used to refer to advanced cyberattacks that aim to gain access to a specific target, such as a company, an organization or an individual, and remain active there for a long period of time. APT attacks typically aim to steal data or gain access to sensitive systems, and are often carried out by professional hackers or state-sponsored groups.
-
Compliance
Compliance is a term used to describe how well an organization complies with the laws and regulations that apply to it. Compliance means that an organization is aware of the risks it runs if it does not comply with the rules, and that it takes measures to limit or prevent those risks. Compliance helps an organization to protect its reputation, customer satisfaction and financial results.
-
Managed Security Service Provider (MSSP)
A Managed Security Service Provider (MSSP) is an external service provider that offers specialized security services to organizations. MSSPs provide comprehensive security solutions and services to help businesses monitor, detect, prevent, and respond to cyber threats and security incidents. This enables organizations to reduce the complexity of security management and access expertise and resources they may not have in-house.
-
NIST
The National Institute of Standards and Technology (NIST) is a scientific institution under the United States federal government. NIST is committed to standardization in science, such as defining units.
NIST was founded in 1901 under the name National Bureau of Standards (NBS). In 1988, the institution received its current name.
-
OSINT
OSINT stands for Open-Source Intelligence and is a method of collecting information from publicly accessible sources, such as social media, news articles, online forums and databases. This can be used for various purposes such as research, journalism, business strategies and security analysis. OSINT is an important part of modern information and security methods and is increasingly used by governments, companies and individuals.
-
Third party risks
Third party risks refer to the risks that arise when an organization engages a third party to perform certain tasks or provide services. These risks can relate to various areas, including legal issues, financial risks, reputational risks and operational risks.
-
TPRM
TPRM stands for Third Party Risk Management. This is a process by which organizations identify, assess and manage the risks associated with outsourcing activities or services to external parties.
TPRM helps organizations ensure the quality, compliance and performance of their suppliers and avoid potential reputational damage, financial loss or legal disputes.
-
Vulnerability management
Vulnerability management is the process of identifying, analyzing and remediating vulnerabilities in systems, networks and applications. The goal of vulnerability management is to improve the security and resilience of the organization by reducing the risk of cyber-attacks. Vulnerability management includes regularly scanning the IT environment, prioritizing the vulnerabilities found based on their severity and impact, and implementing appropriate measures to fix or mitigate them.