Managing Cyber Risks in the Supply Chain Training Course

Overview

This instructor-led, live training (online or onsite) is aimed at supply chain professionals who wish to establish effective control and oversight of their supply chain, especially as it relates to cybersecurity.

By the end of this training, participants will be able to:

  • Understand the security oversights that can bring about significant damage and disruption to a supply chain.
  • Break down a complex security problem into manageable and actionable parts.
  • Address common supply chain vulnerabilities by analyzing high risk areas and engaging with stakeholders.
  • Adopt best practices in securing a supply chain.
  • Noticeably reduce or eliminate the biggest risks to an organization’s supply chain.

Format of the Course

  • Interactive lecture and discussion.
  • Lots of exercises and practice.
  • Hands-on implementation in a live-lab environment.

Course Customization Options

  • To request a customized training for this course, please contact us to arrange.

Requirements

  • Experience with supply chains

Audience

  • Supply chain managers and stakeholders

Course Outline

Introduction

  • The time and cost of cyber risk management vs the time and cost from a disruption to the supply chain.

Key Cyber Supply Chain Risks

  • In-house software and hardware vulnerabilities
  • Third party hardware and software vulnerabilities
  • In-house security knowledge and practices
  • Third-party security knowledge and practices

Supply Chain Cyber Risk Case Study

  • Risk exposure through third-party software

Tools and Techniques for Attacking a Supply Chain

  • Malware
  • Ransomware
  • Adware

Supply Chain Cyber Risk Case Study

  • Outsourcing to an external website builder

Cyber Supply Chain Security Principles

  • Assume your system will be breached.
  • Cybersecurity as a technology + people + process + knowledge problem.
  • Physical vs cybersecurity

Supply Chain Cyber Risk Case Study

  • Outsourcing data storage to a third-party provider

Assessing Your Organization’s Risk Level

  • Hardware and software design processes
  • Mitigation of known vulnerabilities
  • Knowledge of emerging vulnerabilities
  • Monitoring of production systems and processes

Supply Chain Cyber Risk Case Study

  • Cyber attacks by internal members of the team

Internal Security Threats

  • Disgruntled employees and not so-disgruntled employees
  • Access to login credentials
  • Access IoT devices

Forming Collaborative Partnerships

  • Proactive vs punitive approach to vendor risk
  • Achieving a common objective
  • Fostering growth
  • Mitigating risks

A Model for Implementing Supply Chain Cyber Security

  • Vetting suppliers
  • Establishing control
  • Continuous monitoring and improvement
  • Training and education
  • Implementing multiple layers of protection
  • Creating a cyber-crisis team

Summary and Conclusion

Leave a Reply

Your email address will not be published. Required fields are marked *