Tutorial 4 Preview: Supply Chain Security for Business Leaders
In this tutorial, we delve into tightening cyber security assurance in supply chains. Be empowered with knowledge and guidance on how to build risk-based cyber assurance programs over suppliers, third parties and business partners.
https://cyberleadershipinstitute.com/wp-content/uploads/CRBL-Phil-Zongo-1.png
Be empowered as a business executive or senior business leader with practical guidance on how to build risk-based cyber-assurance programs over suppliers, third parties, and business partners. Make risk-informed decisions and promote business agility and innovation, all the while minimising exposure to third-party-related cyber threats.
4.1. Securing supply chain
https://cyberleadershipinstitute.com/wp-content/uploads/CRBL-Phil-Zongo-1.png
Discover how to tighten cyber security assurance within the supply chain, one of the five anchors of cyber resilience. Poorly planned or governed outsourcing can expose the business to threats outside of its tolerance or open backdoors for cyber threat actors to creep in and debilitate high-value digital assets. Learn the critical challenges of the supply chain and important lessons learned from data breaches.
4.2. The rising specter of compromised supply chain
https://cyberleadershipinstitute.com/wp-content/uploads/CRBL-Phil-Zongo-1.png
While tightening cyber risk assurance within complex supply chains is challenging, it’s certainly not impossible. This module provides practical recommendations to help business leaders maximise the value of outsourcing relationships while minimising associated risks. Understand how to infuse cyber security into your supply chain and discover how to segment suppliers based on their level of risk exposure.
4.3. The supplier risk segment
https://cyberleadershipinstitute.com/wp-content/uploads/CRBL-Phil-Zongo-1.png
The most efficient way to manage third parties is to require them to provide their own industry-standard assurance reports. If you don’t make this contractually enforceable, you will end up sending dozens of questionnaires with hundreds of questions to third parties. Your cyber security team will easily get overwhelmed by drawn-out complex reviews. Naturally, high-risk suppliers, such as those handling payment cards and with access to crown jewels, will require a comprehensive set of assurance reports, while low-risk suppliers can self-attest the effectiveness of their controls.
4.4. The security assurance reports
