- Recognize how business and technology together create a supply chain cybersecurity problem.
- Identify how cybersecurity defines and maintains boundaries.
- Analyze how common cybersecurity practices compare to supply chain security issues.
- Give examples of how cybersecurity is implemented throughout an organization.
- Differentiate between prescriptive-based requirements and goal-based cybersecurity, with an identified supply chain risk.
- Provide evidence for why communicating about cybersecurity between businesses can be daunting.
Skill Level Beginner
- [Instructor] Securing the supply chain is an emerging theme in the cybersecurity industry. This is in reaction to the increased interconnectivity between organization and regulatory requirements. This interconnectivity is changing both the scope that we have to consider for an organization's cybersecurity requirements and where the cybersecurity role sits within the organization's existing business functions. Hi, I'm Emma Osborn, a cybersecurity consultant and researcher. I specialize in the cybersecurity of supply chains and the small businesses within them. So who is this course for? It'll benefit any of the technical experts, managers, and directors who are traditionally responsible for cybersecurity, helping them transition their approach. In large organizations with a mature cybersecurity function, this is often to address the biggest residual security risk present in their business. Supply chain is the low-hanging fruit, the easiest place to reduce risk, having already heavily invested within the organization. Small organizations might have less security, but need to understand supply chain requirements. The change in scope of cybersecurity also increases the number of people this course is relevant for. Nontechnical business functions such as procurement, commercial, legal, HR, and, of course, information governance and compliance, are all gaining responsibility for cybersecurity. These new responsibilities redefine roles, meaning that people who fall outside of traditional cyber roles might be interested in this course, too. Firstly, we look at how supply chains are evolving and how this compares to the cybersecurity practice we're used to. Then we explore what cybersecurity looks like in different types of supply chain, thinking about the different ways that businesses interact. The next part examines cyber risk across the supply chain. Finally, we give some examples of different approaches for managing relationships and improving supply chain security. So if you're ready to learn, let's get started.