The IBM Secure Engineering Framework: A Valuable Cyber Supply Chain Security Model for Enterprise Organizations

Recent ESG research illustrated that cyber supply chain security is extremely immature in most large organizations, an alarming fact given today's sophisticated threats and targeted attacks. Many CISOs claim that cyber supply chain security is relatively new and there are no best practice guidelines to follow. IBM's recently published Secure Engineering Framework Redguide may help bridge this knowledge gap. Outlining its internal best practices for software assurance and cyber supply chain security, IBM provides a set of valuable guidelines that CISOs can customize and emulate for their own needs.