Course Outline


  • The time and cost of cyber risk management vs the time and cost from a disruption to the supply chain.

Key Cyber Supply Chain Risks

  • In-house software and hardware vulnerabilities
  • Third party hardware and software vulnerabilities
  • In-house security knowledge and practices
  • Third-party security knowledge and practices

Supply Chain Cyber Risk Case Study

  • Risk exposure through third-party software

Tools and Techniques for Attacking a Supply Chain

  • Malware
  • Ransomware
  • Adware

Supply Chain Cyber Risk Case Study

  • Outsourcing to an external website builder

Cyber Supply Chain Security Principles

  • Assume your system will be breached.
  • Cybersecurity as a technology + people + process + knowledge problem.
  • Physical vs cybersecurity

Supply Chain Cyber Risk Case Study

  • Outsourcing data storage to a third-party provider

Assessing Your Organization's Risk Level

  • Hardware and software design processes
  • Mitigation of known vulnerabilities
  • Knowledge of emerging vulnerabilities
  • Monitoring of production systems and processes

Supply Chain Cyber Risk Case Study

  • Cyber attacks by internal members of the team

Internal Security Threats

  • Disgruntled employees and not so-disgruntled employees
  • Access to login credentials
  • Access IoT devices

Forming Collaborative Partnerships

  • Proactive vs punitive approach to vendor risk
  • Achieving a common objective
  • Fostering growth
  • Mitigating risks

A Model for Implementing Supply Chain Cyber Security

  • Vetting suppliers
  • Establishing control
  • Continuous monitoring and improvement
  • Training and education
  • Implementing multiple layers of protection
  • Creating a cyber-crisis team

Summary and Conclusion


  • Experience with supply chains


  • Supply chain managers and stakeholders
  7 Hours


Related Courses

Certified Chief Information Security Officer (CCISO)

  35 hours

Certified Ethical Hacker

  35 hours

Standard Java Security

  14 hours

Java and Web Application Security

  21 hours

Advanced Java Security

  21 hours

Advanced Java, JEE and Web Application Security

  28 hours

C/C++ Secure Coding

  21 hours

Microsoft SDL Core

  14 hours

.NET, C# and ASP.NET Security Development

  14 hours

Certificate of Cloud Security Knowledge

  14 hours

Fundamentals of Corporate Cyber Warfare

  14 hours

Open Source Cyber Intelligence - Introduction

  7 hours

Open Source Intelligence (OSINT) Advanced

  21 hours