Course Outline

Introduction

  • The time and cost of cyber risk management vs the time and cost from a disruption to the supply chain.

Key Cyber Supply Chain Risks

  • In-house software and hardware vulnerabilities
  • Third party hardware and software vulnerabilities
  • In-house security knowledge and practices
  • Third-party security knowledge and practices

Supply Chain Cyber Risk Case Study

  • Risk exposure through third-party software

Tools and Techniques for Attacking a Supply Chain

  • Malware
  • Ransomware
  • Adware

Supply Chain Cyber Risk Case Study

  • Outsourcing to an external website builder

Cyber Supply Chain Security Principles

  • Assume your system will be breached.
  • Cybersecurity as a technology + people + process + knowledge problem.
  • Physical vs cybersecurity

Supply Chain Cyber Risk Case Study

  • Outsourcing data storage to a third-party provider

Assessing Your Organization's Risk Level

  • Hardware and software design processes
  • Mitigation of known vulnerabilities
  • Knowledge of emerging vulnerabilities
  • Monitoring of production systems and processes

Supply Chain Cyber Risk Case Study

  • Cyber attacks by internal members of the team

Internal Security Threats

  • Disgruntled employees and not so-disgruntled employees
  • Access to login credentials
  • Access IoT devices

Forming Collaborative Partnerships

  • Proactive vs punitive approach to vendor risk
  • Achieving a common objective
  • Fostering growth
  • Mitigating risks

A Model for Implementing Supply Chain Cyber Security

  • Vetting suppliers
  • Establishing control
  • Continuous monitoring and improvement
  • Training and education
  • Implementing multiple layers of protection
  • Creating a cyber-crisis team

Summary and Conclusion

Requirements

  • Experience with supply chains

Audience

  • Supply chain managers and stakeholders
  7 Hours
 

Number of participants


Starts

Ends


Dates are subject to availability and take place between 09:30 and 16:30.
Open Training Courses require 5+ participants.

Testimonials (9)

Related Courses

CRISC - Certified in Risk and Information Systems Control

  21 Hours

Standard Java Security

  14 Hours

Java and Web Application Security

  21 Hours

Advanced Java Security

  21 Hours

Advanced Java, JEE and Web Application Security

  28 Hours

.NET, C# and ASP.NET Security Development

  14 Hours

Comprehensive C# and .NET Application Security

  21 Hours

Advanced C#, ASP.NET and Web Application Security

  21 Hours

Related Categories