3      0

(ISC)² Security Congress 2021 - Career Center & Recordings

1778587 - Securing your Supply Chain from their Insider Threats


Oct 19, 2021 4:30pm ‐ Oct 19, 2021 5:30pm



Credits: None available.

Description

Recently, the U.S. has fallen victim to the most pernicious and skillful cyber espionage campaign known in our history, SolarWinds. The days to come will reveal more vulnerabilities, other points of weakness in the supply chain and further weaken technical defenses. Supply chains are complex and ever-changing. Consider third-party integrators, addition of new software or hardware products into the environment, and employees of the companies that make up the supply chain. Today’s dynamic technology fabric creates a greater need for due-diligence and common security control baselines as a standard for doing business. Basic reviews typically focus on “questionnaire” type audits that don’t address or satisfy the risks of the third-party workforce. (The 2018 (ISC)2 Cybersecurity report noted that 33% of small businesses admit that their employees had mishandled client credentials.) We, as leaders in cybersecurity, must begin to seriously address all aspects of the supply chain and respond to the weakest links.

Learning Objectives:
  • Understand components of the supply chain and frameworks for assessing cybersecurity risks
  • Understand how Zero-trust enables better third-party risk management
  • Discuss a Roadmap for a successful supply chain insider threat program

Speaker(s):

  • Alice Fakir, M.S. IT Management, Vice President, Citizen Services Cyber Security, Booz Allen Hamilton

Credits

  • 1.00 - CPE

You must be logged in and own this session in order to post comments.