NIS2 increases supply chain security requirements, emphasizing external IT risks. Companies must integrate these risks into their security strategies, transforming dependencies into management responsibilities. Effective control of supply chains involves identifying critical partners, setting security standards, and continuous risk monitoring. CISOs' roles expand to include risk communication and holistic management. Compliance under NIS2 goes beyond paperwork, demanding real security measures and transparent assessments, ultimately enhancing operational stability and turning supply chains into strategic assets.
https://www.csoonline.com/article/4128381/nis2-supply-chains-as-a-risk-factor.html