{"id":28832,"date":"2026-01-15T15:08:38","date_gmt":"2026-01-15T14:08:38","guid":{"rendered":"https:\/\/www.riskinsight-wavestone.com\/?p=28832"},"modified":"2026-01-15T15:08:40","modified_gmt":"2026-01-15T14:08:40","slug":"tpcrm-for-ot-managing-cyber-risks-across-the-supply-chain","status":"publish","type":"post","link":"https:\/\/www.riskinsight-wavestone.com\/en\/2026\/01\/tpcrm-for-ot-managing-cyber-risks-across-the-supply-chain\/","title":{"rendered":"TPCRM\u00a0for\u00a0OT:\u00a0managing cyber risks across the supply chain"},"content":{"rendered":"\n

In a highly interconnected industrial environment, operational performance relies on an\u00a0<\/span>extended ecosystem of partners<\/span><\/b>: critical suppliers, system integrators, maintenance providers, software vendors, IT and OT service providers, and others. While this ecosystem is essential to the company\u2019s operations, it also\u00a0represents\u00a0one of the\u00a0<\/span>primary vectors of cyber risk<\/span><\/b>.<\/span>\u00a0<\/span><\/p>\n

Cyberattacks no longer target only internal information systems. They increasingly exploit external dependencies, where governance, visibility, and control are often weaker. A vulnerability affecting a\u00a0third party\u00a0can now lead to direct impacts on production, personnel safety, regulatory compliance, or the organization\u2019s reputation.<\/span>\u00a0<\/span><\/p>\n

The attack suffered by Jaguar Land Rover in 2025 illustrates this reality: the shutdown of systems paralyzed the production chain and its partners, preventing the manufacture of more than 25,000 vehicles and resulting in estimated losses of\u00a0nearly one\u00a0billion pounds.<\/span>\u00a0<\/span><\/p>\n

Managing\u00a0third-party\u00a0cyber risks<\/span><\/b>\u00a0is therefore no longer a peripheral issue. It is\u00a0a central component\u00a0of any industrial cybersecurity strategy, commonly referred to as\u00a0<\/span>TPRM<\/span><\/b>\u00a0(Third-Party Risk Management) or\u00a0<\/span>TPCRM<\/span><\/b>\u00a0(Third-party\u00a0Cyber Risk Management). These\u00a0concepts\u00a0cover the overall management of third-party risks and\u00a0its\u00a0specific application to cyber risks.<\/span>\u00a0<\/span><\/p>\n

Third parties driving the industrial value chain\u00a0<\/h1>\n

The concept of a \u201cthird-party\u201d refers to any external entity or individual that collaborates with an organization and interacts with its systems, data, or processes. These actors contribute directly or indirectly to the company\u2019s activities and collectively form what is known as the supply chain.<\/span>\u00a0<\/span><\/p>\n

In industrial environments,\u00a0third parties\u00a0can\u00a0generally be\u00a0grouped into five major categories, reflecting the diversity of roles they play in the operation and maintenance of industrial systems:<\/span>\u00a0<\/span><\/p>\n

\"\"<\/p>\n

Mapping\u00a0third parties\u00a0across the supply chain<\/span><\/i>\u00a0<\/span><\/p>\n

To ensure seamless operational continuity, industrial organizations rely heavily on external service providers. This dependency,\u00a0driven by the outsourcing of critical activities and regulatory requirements,\u00a0<\/span>turns each supplier into an essential link<\/span><\/b>\u00a0in the chain. A single compromise affecting a\u00a0third-party\u00a0can be enough to halt production, disrupt operations, and expose the organization to major risks.<\/span>\u00a0<\/span><\/p>\n

An\u00a0extended\u00a0supply\u00a0chain:\u00a0difficult to\u00a0manage and\u00a0vulnerable\u00a0<\/h1>\n

The diversity and number of\u00a0third parties\u00a0present several major challenges for organizations. First, the third-party ecosystem is often\u00a0<\/span>extremely large<\/span><\/b>: a single organization may rely on hundreds or even thousands of partners.<\/span>\u00a0<\/span><\/p>\n

This scale is compounded by\u00a0<\/span>significant complexity<\/span><\/b>, as the supply chain does not stop with direct\u00a0third parties,\u00a0but also includes their own service providers, which are essential to their business continuity. As one moves down these successive levels (fourth parties,\u00a0n-parties\u00a0and\u00a0beyond), the client organization\u2019s visibility into its\u00a0third parties\u00a0decreases sharply:<\/span>\u00a0<\/span><\/p>\n

\"\"<\/span>An illustration of\u00a0supply\u00a0chain\u00a0complexity\u00a0<\/span><\/i>\u00a0<\/span><\/p>\n

This combination of breadth and depth makes it particularly difficult to\u00a0maintain\u00a0<\/span>overall control of the ecosystem<\/span><\/b>. For example, it is estimated that only 3% of organizations have full visibility across their entire supply chain (Panorays, 2025). This lack of visibility creates a\u00a0<\/span>broad and difficult-to-manage risk surface<\/span><\/b>.<\/span>\u00a0<\/span><\/p>\n

Third party risks: a growing threat under regulatory pressure\u00a0<\/h1>\n

In recent years, there has been a significant increase in cyberattacks involving\u00a0third parties. This trend is particularly pronounced in industrial environments, where\u00a0<\/span>third parties\u00a0are often involved in critical and vulnerable processes<\/span><\/b>: remote access to systems, physical\u00a0access\u00a0on site, identity and access management, and the integration of software or hardware components.<\/span>\u00a0<\/span><\/p>\n

\"\"<\/span>These figures highlight two key observations. First,\u00a0third-party\u00a0risks are very real and represent a\u00a0<\/span>growing threat<\/span><\/b>\u00a0to the cybersecurity ecosystem. Second,\u00a0<\/span>the maturity level of organizations\u00a0remains\u00a0globally insufficient<\/span><\/b>, even as TPCRM\u00a0emerges\u00a0as a strategic lever for risk reduction.<\/span>\u00a0<\/span><\/p>\n

These findings are now reflected in regulatory frameworks. The European NIS 2 Directive, currently being transposed into national laws across EU Member States, requires affected organizations to manage risks related to their supply chains. Managing cyber risks linked to\u00a0third parties\u00a0is thus becoming a full-fledged regulatory requirement, with potential penalties of up to \u20ac10 million or 2% of global annual turnover\u00a0in the event of\u00a0non-compliance.<\/span>\u00a0<\/span><\/p>\n

Adapting third party risk management to\u00a0 industrial needs\u00a0<\/h1>\n

In light of\u00a0these challenges, how can organizations structure effective\u00a0third-party\u00a0cyber risk management? While approaches vary, several key principles consistently\u00a0emerge:<\/span>\u00a0<\/span><\/p>\n

    \n
  • Cross-functional stakeholder involvement<\/span><\/b>:\u00a0Third-party\u00a0risk management cannot be the sole responsibility of IT or cybersecurity teams. Procurement, operational teams, and business units must be fully involved, as\u00a0third parties\u00a0operate\u00a0across all levels of the organization.<\/span>\u00a0<\/span><\/li>\n
  • Lifecycle-based approach<\/span><\/b>: Risk must be considered from supplier\u00a0selection\u00a0through to the end of the commercial relationship. Each phase\u00a0(contracting, onboarding, operations, and offboarding)\u00a0should be governed by\u00a0appropriate security\u00a0requirements.<\/span>\u00a0<\/span><\/li>\n
  • Clear contractual requirements<\/span><\/b>: Contracts should formally define and include explicit cybersecurity obligations to ensure a consistent level of protection throughout the collaboration.<\/span>\u00a0<\/span><\/li>\n
  • Third-party\u00a0prioritization<\/span><\/b>: Security efforts must be proportional to the criticality of partners (e.g., level of system integration, operational dependency, sensitivity of\u00a0exchanged data, relationship history). Assessing their operational role and cyber maturity helps focus resources on the most critical\u00a0third parties.<\/span>\u00a0<\/span><\/li>\n
  • Collaboration and information sharing<\/span><\/b>: Supply chain resilience depends on the ability of stakeholders to share information and coordinate responses\u00a0in the event of\u00a0an incident.<\/span>\u00a0<\/span><\/li>\n
  • Tooling and automation<\/span><\/b>: Given the volume of\u00a0third-parties, automation, continuous assessment, and the use of specialized tools are becoming essential enablers.<\/span>\u00a0<\/span><\/li>\n<\/ul>\n

    To support organizations in this approach, several authoritative references exist, including NIST SP 800-161 Rev. 1\u00a0<\/span>\u201cCybersecurity Supply Chain Risk Management Practices for Systems and Organizations\u201d<\/span><\/i>\u00a0(2022) and ENISA\u2019s\u00a0<\/span>\u201cGood Practices for Supply Chain Cybersecurity\u201d<\/span><\/i>\u00a0(2023).<\/span>\u00a0<\/span><\/p>\n

    TPCRM:\u00a0strengthening\u00a0industrial\u00a0resilience\u00a0<\/h1>\n

    In an industrial context where\u00a0<\/span>cyber risks are becoming systemic<\/span><\/b>, supply chain security can no longer be addressed through a purely technical lens. It is now a\u00a0<\/span>strategic issue of governance and resilience<\/span><\/b>.<\/span>\u00a0<\/span><\/p>\n

    A mature TPCRM approach not only supports\u00a0<\/span>regulatory compliance<\/span><\/b>\u00a0but, more importantly, enables organizations to better\u00a0<\/span>anticipate\u00a0crisis scenarios<\/span><\/b>, limit operational impacts, and\u00a0<\/span>strengthen trust across their partner ecosystem<\/span><\/b>.<\/span>\u00a0<\/span><\/p>\n

    By combining governance, processes, technologies, and collaboration with the wider ecosystem, TPCRM establishes itself as a key strategic lever for sustainably securing industrial environments<\/span>.<\/span>\u00a0<\/span><\/p>\n","protected":false},"excerpt":{"rendered":"

    In a highly interconnected industrial environment, operational performance relies on an\u00a0extended ecosystem of partners: critical suppliers, system integrators, maintenance providers, software vendors, IT and OT service providers, and others. While this ecosystem is essential to the company\u2019s operations, it also\u00a0represents\u00a0one…<\/p>\n","protected":false},"author":1499,"featured_media":28837,"comment_status":"open","ping_status":"closed","sticky":false,"template":"page-templates\/tmpl-one.php","format":"standard","meta":{"_acf_changed":false,"footnotes":""},"categories":[2777,3977,3274],"tags":[],"coauthors":[4895,4896],"class_list":["post-28832","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-cybersecurity-digital-trust","category-focus","category-manufacturing-industry-4-0-en"],"acf":[],"yoast_head":"\nTPCRM\u00a0for\u00a0OT:\u00a0managing cyber risks across the supply chain - RiskInsight<\/title>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.riskinsight-wavestone.com\/en\/2026\/01\/tpcrm-for-ot-managing-cyber-risks-across-the-supply-chain\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"TPCRM\u00a0for\u00a0OT:\u00a0managing cyber risks across the supply chain - RiskInsight\" \/>\n<meta property=\"og:description\" content=\"In a highly interconnected industrial environment, operational performance relies on an\u00a0extended ecosystem of partners: critical suppliers, system integrators, maintenance providers, software vendors, IT and OT service providers, and others. While this ecosystem is essential to the company\u2019s operations, it also\u00a0represents\u00a0one...\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.riskinsight-wavestone.com\/en\/2026\/01\/tpcrm-for-ot-managing-cyber-risks-across-the-supply-chain\/\" \/>\n<meta property=\"og:site_name\" content=\"RiskInsight\" \/>\n<meta property=\"article:published_time\" content=\"2026-01-15T14:08:38+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2026-01-15T14:08:40+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/www.riskinsight-wavestone.com\/wp-content\/uploads\/2026\/01\/jacques-dillies-jcav1COVvOc-unsplash-scaled.jpg\" \/>\n\t<meta property=\"og:image:width\" content=\"2560\" \/>\n\t<meta property=\"og:image:height\" content=\"891\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/jpeg\" \/>\n<meta name=\"author\" content=\"Margot MARQUET, Nicolas BLOCH\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Margot MARQUET, Nicolas BLOCH\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"6 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\/\/www.riskinsight-wavestone.com\/en\/2026\/01\/tpcrm-for-ot-managing-cyber-risks-across-the-supply-chain\/#article\",\"isPartOf\":{\"@id\":\"https:\/\/www.riskinsight-wavestone.com\/en\/2026\/01\/tpcrm-for-ot-managing-cyber-risks-across-the-supply-chain\/\"},\"author\":{\"name\":\"Madeline Salles\",\"@id\":\"https:\/\/www.riskinsight-wavestone.com\/en\/#\/schema\/person\/8ff9185abd0574dc00c0e378146212b8\"},\"headline\":\"TPCRM\u00a0for\u00a0OT:\u00a0managing cyber risks across the supply chain\",\"datePublished\":\"2026-01-15T14:08:38+00:00\",\"dateModified\":\"2026-01-15T14:08:40+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\/\/www.riskinsight-wavestone.com\/en\/2026\/01\/tpcrm-for-ot-managing-cyber-risks-across-the-supply-chain\/\"},\"wordCount\":986,\"commentCount\":0,\"publisher\":{\"@id\":\"https:\/\/www.riskinsight-wavestone.com\/en\/#organization\"},\"image\":{\"@id\":\"https:\/\/www.riskinsight-wavestone.com\/en\/2026\/01\/tpcrm-for-ot-managing-cyber-risks-across-the-supply-chain\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/www.riskinsight-wavestone.com\/wp-content\/uploads\/2026\/01\/jacques-dillies-jcav1COVvOc-unsplash-scaled.jpg\",\"articleSection\":[\"Cybersecurity & Digital Trust\",\"Focus\",\"Manufacturing & Industry 4.0\"],\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"CommentAction\",\"name\":\"Comment\",\"target\":[\"https:\/\/www.riskinsight-wavestone.com\/en\/2026\/01\/tpcrm-for-ot-managing-cyber-risks-across-the-supply-chain\/#respond\"]}]},{\"@type\":\"WebPage\",\"@id\":\"https:\/\/www.riskinsight-wavestone.com\/en\/2026\/01\/tpcrm-for-ot-managing-cyber-risks-across-the-supply-chain\/\",\"url\":\"https:\/\/www.riskinsight-wavestone.com\/en\/2026\/01\/tpcrm-for-ot-managing-cyber-risks-across-the-supply-chain\/\",\"name\":\"TPCRM\u00a0for\u00a0OT:\u00a0managing cyber risks across the supply chain - RiskInsight\",\"isPartOf\":{\"@id\":\"https:\/\/www.riskinsight-wavestone.com\/en\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\/\/www.riskinsight-wavestone.com\/en\/2026\/01\/tpcrm-for-ot-managing-cyber-risks-across-the-supply-chain\/#primaryimage\"},\"image\":{\"@id\":\"https:\/\/www.riskinsight-wavestone.com\/en\/2026\/01\/tpcrm-for-ot-managing-cyber-risks-across-the-supply-chain\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/www.riskinsight-wavestone.com\/wp-content\/uploads\/2026\/01\/jacques-dillies-jcav1COVvOc-unsplash-scaled.jpg\",\"datePublished\":\"2026-01-15T14:08:38+00:00\",\"dateModified\":\"2026-01-15T14:08:40+00:00\",\"breadcrumb\":{\"@id\":\"https:\/\/www.riskinsight-wavestone.com\/en\/2026\/01\/tpcrm-for-ot-managing-cyber-risks-across-the-supply-chain\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/www.riskinsight-wavestone.com\/en\/2026\/01\/tpcrm-for-ot-managing-cyber-risks-across-the-supply-chain\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/www.riskinsight-wavestone.com\/en\/2026\/01\/tpcrm-for-ot-managing-cyber-risks-across-the-supply-chain\/#primaryimage\",\"url\":\"https:\/\/www.riskinsight-wavestone.com\/wp-content\/uploads\/2026\/01\/jacques-dillies-jcav1COVvOc-unsplash-scaled.jpg\",\"contentUrl\":\"https:\/\/www.riskinsight-wavestone.com\/wp-content\/uploads\/2026\/01\/jacques-dillies-jcav1COVvOc-unsplash-scaled.jpg\",\"width\":2560,\"height\":891},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/www.riskinsight-wavestone.com\/en\/2026\/01\/tpcrm-for-ot-managing-cyber-risks-across-the-supply-chain\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Accueil\",\"item\":\"https:\/\/www.riskinsight-wavestone.com\/en\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"TPCRM\u00a0for\u00a0OT:\u00a0managing cyber risks across the supply chain\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/www.riskinsight-wavestone.com\/en\/#website\",\"url\":\"https:\/\/www.riskinsight-wavestone.com\/en\/\",\"name\":\"RiskInsight\",\"description\":\"The cybersecurity & digital trust blog by Wavestone's consultants\",\"publisher\":{\"@id\":\"https:\/\/www.riskinsight-wavestone.com\/en\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/www.riskinsight-wavestone.com\/en\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\/\/www.riskinsight-wavestone.com\/en\/#organization\",\"name\":\"Wavestone\",\"url\":\"https:\/\/www.riskinsight-wavestone.com\/en\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/www.riskinsight-wavestone.com\/en\/#\/schema\/logo\/image\/\",\"url\":\"https:\/\/www.riskinsight-wavestone.com\/wp-content\/uploads\/2021\/08\/Monogramme\u2013W\u2013NEGA-RGB-50x50-1.png\",\"contentUrl\":\"https:\/\/www.riskinsight-wavestone.com\/wp-content\/uploads\/2021\/08\/Monogramme\u2013W\u2013NEGA-RGB-50x50-1.png\",\"width\":50,\"height\":50,\"caption\":\"Wavestone\"},\"image\":{\"@id\":\"https:\/\/www.riskinsight-wavestone.com\/en\/#\/schema\/logo\/image\/\"}},{\"@type\":\"Person\",\"@id\":\"https:\/\/www.riskinsight-wavestone.com\/en\/#\/schema\/person\/8ff9185abd0574dc00c0e378146212b8\",\"name\":\"Madeline Salles\",\"url\":\"https:\/\/www.riskinsight-wavestone.com\/en\/author\/madeline-salles\/\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"TPCRM\u00a0for\u00a0OT:\u00a0managing cyber risks across the supply chain - RiskInsight","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.riskinsight-wavestone.com\/en\/2026\/01\/tpcrm-for-ot-managing-cyber-risks-across-the-supply-chain\/","og_locale":"en_US","og_type":"article","og_title":"TPCRM\u00a0for\u00a0OT:\u00a0managing cyber risks across the supply chain - RiskInsight","og_description":"In a highly interconnected industrial environment, operational performance relies on an\u00a0extended ecosystem of partners: critical suppliers, system integrators, maintenance providers, software vendors, IT and OT service providers, and others. While this ecosystem is essential to the company\u2019s operations, it also\u00a0represents\u00a0one...","og_url":"https:\/\/www.riskinsight-wavestone.com\/en\/2026\/01\/tpcrm-for-ot-managing-cyber-risks-across-the-supply-chain\/","og_site_name":"RiskInsight","article_published_time":"2026-01-15T14:08:38+00:00","article_modified_time":"2026-01-15T14:08:40+00:00","og_image":[{"width":2560,"height":891,"url":"https:\/\/www.riskinsight-wavestone.com\/wp-content\/uploads\/2026\/01\/jacques-dillies-jcav1COVvOc-unsplash-scaled.jpg","type":"image\/jpeg"}],"author":"Margot MARQUET, Nicolas BLOCH","twitter_misc":{"Written by":"Margot MARQUET, Nicolas BLOCH","Est. reading time":"6 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/www.riskinsight-wavestone.com\/en\/2026\/01\/tpcrm-for-ot-managing-cyber-risks-across-the-supply-chain\/#article","isPartOf":{"@id":"https:\/\/www.riskinsight-wavestone.com\/en\/2026\/01\/tpcrm-for-ot-managing-cyber-risks-across-the-supply-chain\/"},"author":{"name":"Madeline Salles","@id":"https:\/\/www.riskinsight-wavestone.com\/en\/#\/schema\/person\/8ff9185abd0574dc00c0e378146212b8"},"headline":"TPCRM\u00a0for\u00a0OT:\u00a0managing cyber risks across the supply chain","datePublished":"2026-01-15T14:08:38+00:00","dateModified":"2026-01-15T14:08:40+00:00","mainEntityOfPage":{"@id":"https:\/\/www.riskinsight-wavestone.com\/en\/2026\/01\/tpcrm-for-ot-managing-cyber-risks-across-the-supply-chain\/"},"wordCount":986,"commentCount":0,"publisher":{"@id":"https:\/\/www.riskinsight-wavestone.com\/en\/#organization"},"image":{"@id":"https:\/\/www.riskinsight-wavestone.com\/en\/2026\/01\/tpcrm-for-ot-managing-cyber-risks-across-the-supply-chain\/#primaryimage"},"thumbnailUrl":"https:\/\/www.riskinsight-wavestone.com\/wp-content\/uploads\/2026\/01\/jacques-dillies-jcav1COVvOc-unsplash-scaled.jpg","articleSection":["Cybersecurity & Digital Trust","Focus","Manufacturing & Industry 4.0"],"inLanguage":"en-US","potentialAction":[{"@type":"CommentAction","name":"Comment","target":["https:\/\/www.riskinsight-wavestone.com\/en\/2026\/01\/tpcrm-for-ot-managing-cyber-risks-across-the-supply-chain\/#respond"]}]},{"@type":"WebPage","@id":"https:\/\/www.riskinsight-wavestone.com\/en\/2026\/01\/tpcrm-for-ot-managing-cyber-risks-across-the-supply-chain\/","url":"https:\/\/www.riskinsight-wavestone.com\/en\/2026\/01\/tpcrm-for-ot-managing-cyber-risks-across-the-supply-chain\/","name":"TPCRM\u00a0for\u00a0OT:\u00a0managing cyber risks across the supply chain - RiskInsight","isPartOf":{"@id":"https:\/\/www.riskinsight-wavestone.com\/en\/#website"},"primaryImageOfPage":{"@id":"https:\/\/www.riskinsight-wavestone.com\/en\/2026\/01\/tpcrm-for-ot-managing-cyber-risks-across-the-supply-chain\/#primaryimage"},"image":{"@id":"https:\/\/www.riskinsight-wavestone.com\/en\/2026\/01\/tpcrm-for-ot-managing-cyber-risks-across-the-supply-chain\/#primaryimage"},"thumbnailUrl":"https:\/\/www.riskinsight-wavestone.com\/wp-content\/uploads\/2026\/01\/jacques-dillies-jcav1COVvOc-unsplash-scaled.jpg","datePublished":"2026-01-15T14:08:38+00:00","dateModified":"2026-01-15T14:08:40+00:00","breadcrumb":{"@id":"https:\/\/www.riskinsight-wavestone.com\/en\/2026\/01\/tpcrm-for-ot-managing-cyber-risks-across-the-supply-chain\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.riskinsight-wavestone.com\/en\/2026\/01\/tpcrm-for-ot-managing-cyber-risks-across-the-supply-chain\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.riskinsight-wavestone.com\/en\/2026\/01\/tpcrm-for-ot-managing-cyber-risks-across-the-supply-chain\/#primaryimage","url":"https:\/\/www.riskinsight-wavestone.com\/wp-content\/uploads\/2026\/01\/jacques-dillies-jcav1COVvOc-unsplash-scaled.jpg","contentUrl":"https:\/\/www.riskinsight-wavestone.com\/wp-content\/uploads\/2026\/01\/jacques-dillies-jcav1COVvOc-unsplash-scaled.jpg","width":2560,"height":891},{"@type":"BreadcrumbList","@id":"https:\/\/www.riskinsight-wavestone.com\/en\/2026\/01\/tpcrm-for-ot-managing-cyber-risks-across-the-supply-chain\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Accueil","item":"https:\/\/www.riskinsight-wavestone.com\/en\/"},{"@type":"ListItem","position":2,"name":"TPCRM\u00a0for\u00a0OT:\u00a0managing cyber risks across the supply chain"}]},{"@type":"WebSite","@id":"https:\/\/www.riskinsight-wavestone.com\/en\/#website","url":"https:\/\/www.riskinsight-wavestone.com\/en\/","name":"RiskInsight","description":"The cybersecurity & digital trust blog by Wavestone's consultants","publisher":{"@id":"https:\/\/www.riskinsight-wavestone.com\/en\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.riskinsight-wavestone.com\/en\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/www.riskinsight-wavestone.com\/en\/#organization","name":"Wavestone","url":"https:\/\/www.riskinsight-wavestone.com\/en\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.riskinsight-wavestone.com\/en\/#\/schema\/logo\/image\/","url":"https:\/\/www.riskinsight-wavestone.com\/wp-content\/uploads\/2021\/08\/Monogramme\u2013W\u2013NEGA-RGB-50x50-1.png","contentUrl":"https:\/\/www.riskinsight-wavestone.com\/wp-content\/uploads\/2021\/08\/Monogramme\u2013W\u2013NEGA-RGB-50x50-1.png","width":50,"height":50,"caption":"Wavestone"},"image":{"@id":"https:\/\/www.riskinsight-wavestone.com\/en\/#\/schema\/logo\/image\/"}},{"@type":"Person","@id":"https:\/\/www.riskinsight-wavestone.com\/en\/#\/schema\/person\/8ff9185abd0574dc00c0e378146212b8","name":"Madeline Salles","url":"https:\/\/www.riskinsight-wavestone.com\/en\/author\/madeline-salles\/"}]}},"_links":{"self":[{"href":"https:\/\/www.riskinsight-wavestone.com\/en\/wp-json\/wp\/v2\/posts\/28832","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.riskinsight-wavestone.com\/en\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.riskinsight-wavestone.com\/en\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.riskinsight-wavestone.com\/en\/wp-json\/wp\/v2\/users\/1499"}],"replies":[{"embeddable":true,"href":"https:\/\/www.riskinsight-wavestone.com\/en\/wp-json\/wp\/v2\/comments?post=28832"}],"version-history":[{"count":2,"href":"https:\/\/www.riskinsight-wavestone.com\/en\/wp-json\/wp\/v2\/posts\/28832\/revisions"}],"predecessor-version":[{"id":28836,"href":"https:\/\/www.riskinsight-wavestone.com\/en\/wp-json\/wp\/v2\/posts\/28832\/revisions\/28836"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.riskinsight-wavestone.com\/en\/wp-json\/wp\/v2\/media\/28837"}],"wp:attachment":[{"href":"https:\/\/www.riskinsight-wavestone.com\/en\/wp-json\/wp\/v2\/media?parent=28832"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.riskinsight-wavestone.com\/en\/wp-json\/wp\/v2\/categories?post=28832"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.riskinsight-wavestone.com\/en\/wp-json\/wp\/v2\/tags?post=28832"},{"taxonomy":"author","embeddable":true,"href":"https:\/\/www.riskinsight-wavestone.com\/en\/wp-json\/wp\/v2\/coauthors?post=28832"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}