Unless you manufacture all of your own components, every organization faces significant risk from their supply chain, and perhaps even more so from the smart/connected technology supply chain. You may recall, as part of the WaterISAC 15CFAM series in recognition of National Cybersecurity Awareness Month in October, we posted a combined selection on addressing the Internet-of-Things (IoT) and the supply chain – encompassing #14 (Address All Smart Devices) and #13 (Secure the Supply Chain) from our 15 Cybersecurity Fundamentals for Water and Wastewater Utilities guide. The post highlighted the importance of including all smart/connected technology and services in the supply chain risk management process. It also mentioned several existing frameworks and methodologies that could be used to drive IoT/IIoT security, including guidance from ENISA. As a great complementary resource, ENISA released guidelines based on a recent study to help IoT manufacturers, developers, integrators, and all stakeholders involved in the IoT/IIoT supply chain make better security decisions when building, deploying, or assessing IoT technologies. Access ENISA for Guidelines for Securing the Internet of Things.