A GUIDE FOR 2020 SUPPLY CHAIN RISK MANAGEMENT (SCRM) APPLICATION IN THE REAL WORLD.Welcome to the next iteration of SCRM. Based on a detailed explanation of current threats and application of NIST SP 800-161. From the internationally acclaimed cybersecurity thought-leader, Mr. Russo provides two distinct NIST 800-161, "Supply Chain Risk Management Practices for Federal Information Systems and Organizations," approaches to resolve the modern day challenge of SCRM. The solutions, while similar, provide a 21st Century resolution to better approach in a systematic way to prevent compromises to the US and global IT supply chain.The use of varied supply chain attacks by cyber attackers to access, for example, software development infrastructures have been major vectors of concerns for governments as well as the private sector. These attacks typically include targeting publicly connected software "build, test, update servers," and other portions of a software development environment. Nation-state agents can then inject malware into software updates and subsequent releases have far-ranging impacts to the IT supply chain; the challenge continues to grow.SCRM 1.0 is a concept for establishing an effective and repeatable process that can be applied against standard supply chain components such as hardware, firmware, software, etc. The author introduces SCRM 2.0, much like SCRM 1.0 (Product-based approach), the need is to turn to a much more precarious aspect of SCRM. We must consider the service piece of SCRM that includes the people, companies, and organizations along the supply chain that may also be compromised within the global marketing of IT equipment and capabilities. This is the next most significant issue facing the field of cybersecurity protection in the 21st Century. This updated version updates content for the reader and adds more clarity on the topic of SCRM in 2020.