Course Outline


  • The time and cost of cyber risk management vs the time and cost from a disruption to the supply chain.

Key Cyber Supply Chain Risks

  • In-house software and hardware vulnerabilities
  • Third party hardware and software vulnerabilities
  • In-house security knowledge and practices
  • Third-party security knowledge and practices

Supply Chain Cyber Risk Case Study

  • Risk exposure through third-party software

Tools and Techniques for Attacking a Supply Chain

  • Malware
  • Ransomware
  • Adware

Supply Chain Cyber Risk Case Study

  • Outsourcing to an external website builder

Cyber Supply Chain Security Principles

  • Assume your system will be breached.
  • Cybersecurity as a technology + people + process + knowledge problem.
  • Physical vs cybersecurity

Supply Chain Cyber Risk Case Study

  • Outsourcing data storage to a third-party provider

Assessing Your Organization's Risk Level

  • Hardware and software design processes
  • Mitigation of known vulnerabilities
  • Knowledge of emerging vulnerabilities
  • Monitoring of production systems and processes

Supply Chain Cyber Risk Case Study

  • Cyber attacks by internal members of the team

Internal Security Threats

  • Disgruntled employees and not so-disgruntled employees
  • Access to login credentials
  • Access IoT devices

Forming Collaborative Partnerships

  • Proactive vs punitive approach to vendor risk
  • Achieving a common objective
  • Fostering growth
  • Mitigating risks

A Model for Implementing Supply Chain Cyber Security

  • Vetting suppliers
  • Establishing control
  • Continuous monitoring and improvement
  • Training and education
  • Implementing multiple layers of protection
  • Creating a cyber-crisis team

Summary and Conclusion


  • Experience with supply chains


  • Supply chain managers and stakeholders
  7 Hours

Testimonials (6)

Related Courses

CRISC - Certified in Risk and Information Systems Control

  21 Hours

Standard Java Security

  14 Hours

Related Categories