As you may well know, the Global Certification Team is always striving to improve the security of Cisco’s products, throughout the lifecycle of the device. It’s been said that a chain is only as strong as it’s weakest link. This not only applies to a physical chain, but it also to the supply chain involved from the conception of a product through the delivery phase. Today we have a guest post from Terrie Diaz (firstname.lastname@example.org), who is heading up our Global Supply Chain Security effort.
Supply Chain Security, is the process through which Cisco delivers genuine products to the customer. In today’s highly global business model, Supply Chain security is a hot topic. In this ever-changing market, there are numerous arteries for an attacker to introduce unwanted malware, counterfeit hardware, and disrupt delivery. Cisco’s responsibility to its shareholders and customers is to ensure our supply chain is impenetrable. Cisco’s Supply Chain Security management program has been designed with the lifecycle of the product in mind. In fact, our focus on supply chain spans from product design, through sourcing components, manufacturing, distribution, and installation to support and end-of-life.
The US Government Accountability Office (GAO) and IHS, Inc. have highlighted the risks to organizational supply chain in recent reports:
- GAO http://www.gao.gov/assets/590/589568.pdf
- IHS http://online.wsj.com/article/BT-CO-20120214-710898.html
Cisco’s use of best practices and internal audits affords the ability to identify gaps or weakness in our supply chain. We are also activity involved in various organizations and agencies that are developing criteria, policy, and process, such as NIST and The Open Group to tackle today’s challenges facing the supply chain and customers’ concerns of receiving trustworthy products.
Please visit Cisco.com for more information on how Cisco is securing the supply chain.