The Supply Chain Management Center at the University of Maryland’s (UMD) Robert Smith School of Business will collaborate with the National Institute of Standards and Technology’s (NIST) National Cybersecurity Center of Excellence (NCCoE) as part of a wide-ranging cyber risk assessment project.
The project is set to focus on ascertaining the effectiveness of information security and cyber supply chain best practices, with a goal of helping companies and organizations increase their cyber risk assessment and management capability, the university said.
The UMD center was awarded a $425,000 task order to continue a sixth year of consecutive government funding, now focusing on this cyber issue.
The NCCoE was founded in 2012 as a federal organization partnership formed by NIST, the State of Maryland, and the state’s Montgomery County to address pressing cybersecurity problems with standards-based solutions using commercially available technologies. The MITRE Corporation has operated a federally funded research and development center (FFRDC) to power and support the NCCoE since 2014.
Targeted beneficiaries include government procurement agencies, insurance and reinsurance underwriting companies, financial institutions, and rating agencies, Sandor Boyson, Supply Chain Management Center co-director and UMD research professor, said. Boyson is set to help manage the project with colleague and center co-director Thomas Corsi and Smith School CIO Holly Mann.
The school will work with NIST, the General Services Administration (GSA), and insurance industry companies Zurich Insurance and Beecher Carlson. The partner organizations plan to test the predictive capabilities of cyber risk managerial assessments developed through the school’s supply chain center.
Industry consultants in the project include StoryBuilt Design CEO Michael Best, Zurich North America Director of Strategic Business Risk Linda Conrad, and Christopher Keegan, director of Beecher Carlson’s cybersecurity insurance practice.
“Zurich is delighted to participate in this first of its kind public private partnership. Our collective efforts will help bring best practices and evidence based guidance to organizations seeking better understanding of cybersecurity resilience within their own walls, as well as in their supply chains,” Conrad said in a statement.
“This work continues research into best practices that helps individual organizations understand and better manage their risk, which subsequently strengthens the resilience and security posture of the U.S. economy,” Jon Boyens, senior adviser for information security at NIST’s computer security division, added.
Boyson highlighted said a growing concern in industry has been the threat to suppliers of critical infrastructure components, systems, and services.