Course Outline
Introduction
- The time and cost of cyber risk management vs the time and cost from a disruption to the supply chain.
Key Cyber Supply Chain Risks
- In-house software and hardware vulnerabilities
- Third party hardware and software vulnerabilities
- In-house security knowledge and practices
- Third-party security knowledge and practices
Supply Chain Cyber Risk Case Study
- Risk exposure through third-party software
Tools and Techniques for Attacking a Supply Chain
- Malware
- Ransomware
- Adware
Supply Chain Cyber Risk Case Study
- Outsourcing to an external website builder
Cyber Supply Chain Security Principles
- Assume your system will be breached.
- Cybersecurity as a technology + people + process + knowledge problem.
- Physical vs cybersecurity
Supply Chain Cyber Risk Case Study
- Outsourcing data storage to a third-party provider
Assessing Your Organization's Risk Level
- Hardware and software design processes
- Mitigation of known vulnerabilities
- Knowledge of emerging vulnerabilities
- Monitoring of production systems and processes
Supply Chain Cyber Risk Case Study
- Cyber attacks by internal members of the team
Internal Security Threats
- Disgruntled employees and not so-disgruntled employees
- Access to login credentials
- Access IoT devices
Forming Collaborative Partnerships
- Proactive vs punitive approach to vendor risk
- Achieving a common objective
- Fostering growth
- Mitigating risks
A Model for Implementing Supply Chain Cyber Security
- Vetting suppliers
- Establishing control
- Continuous monitoring and improvement
- Training and education
- Implementing multiple layers of protection
- Creating a cyber-crisis team
Summary and Conclusion
Requirements
- Experience with supply chains
Audience
- Supply chain managers and stakeholders
Testimonials (3)
I liked the approach of the teacher from the very beginning. The fact that he/she tailored the teaching to our needs, and when we encountered problems, he helped us with great interest.
flavia - ASOCIAŢIA PENTRU VIITORII PROFESIONIŞTI ÎN TEHNOLOGIA INFORMAŢIEI
Course - SAP Financial Accounting and Controlling (FICO) for Consultants
Questions, that helps me a lot to understand the characteristics of CRISC examination.
Masakazu Yoshijima - Bank of Yokohama, Ltd.
Course - CRISC - Certified in Risk and Information Systems Control
I found NobleProg very easy to work with, considering the timezone challenges and our difficulty with trainees requiring support in Japanese. Overall, working with you on this training was satisfactory and I would have no hesitation recommending your organisation. If a training need occurs for us in the ASPAC region again, I will be in touch with NobleProg.