Request for review: Governance of security supply chain Draft Report (Block 14)

@Tomofumi_Okubo @Mitchell @JBringer

Hello Cybersecurity WG Chairs and Experts,

Following our sessions at BGIN Block 14 in Tokyo, we have prepared the draft session report for: Governance of security supply chain.

Review Request: Please review the attached draft for technical accuracy and provide any feedback, corrections, or additions directly in this thread by March 27.

Security_Governance_of_security_supply_chain.docx (52.0 KB)

Thank you for your contributions to these governance standards.

Best regards,

Rola

Anonymization issue (Sandra’s organization… several times)

Remove '“• The group will break for lunch and reconvene in one hour.

• After the break, there will be a presentation from GFSA followed by a session on key management.”

Fixes:
3GPP to be replaced by GBBC ; NORS (?) may be related to SEAL? ; BSSC is BlockchainSecurity Standards Council (BSSC)

Few additional key take-aways:

• education of the supply chain actors is needed to ensure appropriate processes are in place at vendor’s side too; best practices
• 3rd party risk management is required in addition to the mapping with existing controls
• a comprehensive check-list would be useful to underwrite cryptoindustries
• common hacks vs gaps would be a way to further illustrate the importance of the controls (JFSA report when available, JP Crypto ISAC study)

@Tomofumi_Okubo @Mitchell @JBringer

Hello Cybersecurity WG Chairs and Experts,

Thank you for your response and ongoing support on the IKP session report.

I hope this is not too much to ask, but we are hoping to publish the document on the web page by next Monday. Would it be possible for you to upload the merged file with all revisions by this Friday?

We truly appreciate your time and effort, and we apologize for the short notice. Please let us know if the timeline is not feasible and we will do our best to accommodate.

Thank you so much for your understanding and continued support.

Best regards,

Sogo