Course Outline
Introduction
- The time and cost of cyber risk management vs the time and cost from a disruption to the supply chain.
Key Cyber Supply Chain Risks
- In-house software and hardware vulnerabilities
- Third party hardware and software vulnerabilities
- In-house security knowledge and practices
- Third-party security knowledge and practices
Supply Chain Cyber Risk Case Study
- Risk exposure through third-party software
Tools and Techniques for Attacking a Supply Chain
- Malware
- Ransomware
- Adware
Supply Chain Cyber Risk Case Study
- Outsourcing to an external website builder
Cyber Supply Chain Security Principles
- Assume your system will be breached.
- Cybersecurity as a technology + people + process + knowledge problem.
- Physical vs cybersecurity
Supply Chain Cyber Risk Case Study
- Outsourcing data storage to a third-party provider
Assessing Your Organization's Risk Level
- Hardware and software design processes
- Mitigation of known vulnerabilities
- Knowledge of emerging vulnerabilities
- Monitoring of production systems and processes
Supply Chain Cyber Risk Case Study
- Cyber attacks by internal members of the team
Internal Security Threats
- Disgruntled employees and not so-disgruntled employees
- Access to login credentials
- Access IoT devices
Forming Collaborative Partnerships
- Proactive vs punitive approach to vendor risk
- Achieving a common objective
- Fostering growth
- Mitigating risks
A Model for Implementing Supply Chain Cyber Security
- Vetting suppliers
- Establishing control
- Continuous monitoring and improvement
- Training and education
- Implementing multiple layers of protection
- Creating a cyber-crisis team
Summary and Conclusion
Requirements
- Experience with supply chains
Audience
- Supply chain managers and stakeholders
Testimonials (10)
Overview of Risk topics and preparing for exam
Leszek - EY GLOBAL SERVICES (POLAND) SP Z O O
Course - CRISC - Certified in Risk and Information Systems Control
Lap Qradar
Sutthikan Noisombat - NTT
Course - IBM Qradar SIEM: Beginner to Advanced
The simple explanation of the trainer
Mohammed salem - Palestinian Police
Course - Open Source Intelligence (OSINT) Advanced
Accessing tools and being able to ask questions to someone friendly who I felt wouldn't judge me
Kiara
Course - Open Source Cyber Intelligence - Introduction
A wide range of knowledge of the lecturer.
Marcin Szklarski - Santander Consumer Bank
Course - CCSK Plus (Certificate of Cloud Security Knowledge - Plus)
Lot's of information explained very well. Good examples, interesting exercises. Trainer showed us his real world experience.
Gergely Bathó - GE Medical Systems Polska Sp. Z O.O.
Course - Application Security for Developers
The Burpe suite i need more training in this
Gontse Ntshegi - Vodacom
Course - Android Security
Azure web security, it was more what i was expecting, the penetration testing i would never do in my job
Toby
Course - Application Security in the Cloud
the balance between lectures and practice, the rhythm, the trainer knowledge and pedagogic skill
Armando Pinto - EID
Course - C/C++ Secure Coding
Pushing changes on an ongoing basis, when on the 3rd day I started to get more lost than before and it was harder to spot the error quickly, I was quickly able to check out the latest changes and stay up to date with the material
Paulina
Course - Advanced Java Security
Machine Translated