The accreditors of this session require that you periodically check in to verify that you are still attentive.
Please click the button below to indicate that you are.
Recently, the U.S. has fallen victim to the most pernicious and skillful cyber espionage campaign known in our history, SolarWinds. The days to come will reveal more vulnerabilities, other points of weakness in the supply chain and further weaken technical defenses. Supply chains are complex and ever-changing. Consider third-party integrators, addition of new software or hardware products into the environment, and employees of the companies that make up the supply chain. Today’s dynamic technology fabric creates a greater need for due-diligence and common security control baselines as a standard for doing business. Basic reviews typically focus on “questionnaire” type audits that don’t address or satisfy the risks of the third-party workforce. (The 2018 (ISC)2 Cybersecurity report noted that 33% of small businesses admit that their employees had mishandled client credentials.) We, as leaders in cybersecurity, must begin to seriously address all aspects of the supply chain and respond to the weakest links.
Learning Objectives:
Understand components of the supply chain and frameworks for assessing cybersecurity risks
Understand how Zero-trust enables better third-party risk management
Discuss a Roadmap for a successful supply chain insider threat program
Speaker(s):
Alice
Fakir,
M.S. IT Management,
Vice President, Citizen Services Cyber Security,
Booz Allen Hamilton