{"product_id":"tprm-driven-supply-chain-cybersecurity-eric-richardson-9781806708116","title":"TPRM-Driven Supply Chain Cybersecurity: Connecting TPRM and supply chain security for operational resilience","description":"\u003cp\u003e\u003cstrong\u003eAlign TPRM and cybersecurity, classify supply chain risks, build a lifecycle program, and map NIST C-SCRM, ISO\/IEC 27036, DORA, GDPR, and EO 14028 to evidence and audits.\u003c\/strong\u003e\u003c\/p\u003e\u003cp\u003e\u003cstrong\u003eKey Features: \u003c\/strong\u003e\u003c\/p\u003e\u003cp\u003e- Align procurement, legal, and security priorities around shared risk outcomes\u003c\/p\u003e\u003cp\u003e- Apply a clear taxonomy for cyber, operational, regulatory, and reputational risk\u003c\/p\u003e\u003cp\u003e- Use a lifecycle blueprint to structure assessment and ongoing oversight\u003c\/p\u003e\u003cp\u003e- Map NIST C-SCRM, ISO\/IEC 27036, DORA, and EO 14028 to audit evidence\u003c\/p\u003e\u003cp\u003e\u003cstrong\u003eBook Description: \u003c\/strong\u003e\u003c\/p\u003e\u003cp\u003eModern organizations rely on complex vendor ecosystems, but third-party risk management (TPRM) and cybersecurity often operate in silos. This book shows how to connect vendor risk management with supply chain cybersecurity using a practical, lifecycle-driven approach.\u003c\/p\u003e\u003cp\u003eYou'll design a program covering onboarding, vendor risk assessment, continuous monitoring, and offboarding. You'll begin by examining why TPRM and cybersecurity often operate in separate lanes, and what that gap costs in downtime, breach impact, and compliance exposure. Next, you'll develop a modern taxonomy of supply chain risk, including fourth-party dependencies and software supply chain concerns, so risk discussions use consistent categories and measurable assumptions.\u003c\/p\u003e\u003cp\u003eFrom there, you'll adopt a lifecycle-based model to structure vendor onboarding, assessment, monitoring, and offboarding-supported by vendor tiering, segmentation, and control mapping. The final chapter focuses on the regulatory blueprint: how to interpret NIST C-SCRM, ISO\/IEC 27036, DORA, GDPR, and Executive Order 14028, then convert them into evidence-driven controls and audit-ready documentation.\u003c\/p\u003e\u003cp\u003e\u003cstrong\u003eWhat You Will Learn: \u003c\/strong\u003e\u003c\/p\u003e\u003cp\u003e- Learn how vendor ecosystems become attack paths\u003c\/p\u003e\u003cp\u003e- Categorize third- and fourth-party supply chain risks\u003c\/p\u003e\u003cp\u003e- Create risk tiers and segmentation based on business impact\u003c\/p\u003e\u003cp\u003e- Design a lifecycle workflow from onboarding to offboarding\u003c\/p\u003e\u003cp\u003e- Select controls using NIST and ISO supply chain guidance\u003c\/p\u003e\u003cp\u003e- Translate DORA, GDPR, and EO 14028 duties into controls\u003c\/p\u003e\u003cp\u003e- Prepare evidence packs for audits and regulator questions\u003c\/p\u003e\u003cp\u003e- Plan continuous monitoring beyond annual questionnaires\u003c\/p\u003e\u003cp\u003e\u003cstrong\u003eWho this book is for: \u003c\/strong\u003e\u003c\/p\u003e\u003cp\u003eThis book is for cybersecurity leaders, TPRM\/VRM practitioners, risk managers, and procurement professionals who need a repeatable way to evaluate and monitor vendors and critical suppliers. It also helps compliance stakeholders who need a shared, workable method to manage supplier cyber exposure. Basic familiarity with security principles and vendor management helps.\u003c\/p\u003e\u003cp\u003e\u003cstrong\u003eTable of Contents\u003c\/strong\u003e\u003c\/p\u003e\u003cp\u003e- The Disconnect - TPRM vs. Cybersecurity in the Supply Chain\u003c\/p\u003e\u003cp\u003e- The New Attack Surface - A Taxonomy of Supply Chain Risks\u003c\/p\u003e\u003cp\u003e- The Foundational Framework - A TPRM-Driven Security Lifecycle\u003c\/p\u003e\u003cp\u003e- The Regulatory Blueprint - Navigating Key Frameworks\u003c\/p\u003e\u003cbr\u003e\u003cbr\u003e\u003cb\u003eAuthor:\u003c\/b\u003e Eric Richardson,Filipi Pires\u003cbr\u003e\u003cb\u003eISBN-10:\u003c\/b\u003e 1806708116\u003cbr\u003e\u003cb\u003eISBN-13:\u003c\/b\u003e 9781806708116\u003cbr\u003e\u003cb\u003ePublisher:\u003c\/b\u003e Packt Publishing\u003cbr\u003e\u003cb\u003eLanguage:\u003c\/b\u003e English\u003cbr\u003e\u003cb\u003ePublished:\u003c\/b\u003e 05\/29\/2026\u003cbr\u003e\u003cb\u003ePages:\u003c\/b\u003e 110\u003cbr\u003e\u003cb\u003eFormat:\u003c\/b\u003e Paperback\u003cbr\u003e\u003cb\u003eWeight:\u003c\/b\u003e 0.45lbs\u003cbr\u003e\u003cb\u003eSize:\u003c\/b\u003e 9.25h x 7.50w x 0.23d","brand":"Eric Richardson","offers":[{"title":"Paperback","offer_id":48801602044159,"sku":"9781806708116","price":24.99,"currency_code":"USD","in_stock":false}],"url":"https:\/\/www.whiterainbookhouse.com\/products\/tprm-driven-supply-chain-cybersecurity-eric-richardson-9781806708116","provider":"WR Book House","version":"1.0","type":"link"}