Per Gustavsson, Stratsys
Mina Nafjafi, Intil
This talk presents results from the MSB- and NCC-SE-funded project “ISMS for Strengthening Resilience and Compliance”, developed by Stratsys and Intil. The project addresses a key challenge for small and medium-sized enterprises (SMEs): how to meet growing cybersecurity and regulatory requirements without overburdening limited resources.
Rather than starting with detailed questionnaires or manual due diligence, we propose a shift in approach – from documentation-first to intelligence-first. By using benchmarks, sectoral context, and lightweight scanning early in the process, SMEs can gain rapid situational awareness and then focus on the right questions, at the right time.
The presentation outlines how we built and tested an information model that structures this workflow – connecting data sources, automating triage, and enabling more targeted, high-value assessments. Drawing on concepts such as the intelligence cycle and decision superiority, we show how systematic information flows can improve both resilience and resource efficiency in supply chain security.
Explore the conference agenda
