When working in security, it's important to understand how the challenges of securing a supply chain differ from that of securing an enterprise. In this video, learn the difference between securing a business in isolation and in collaboration with supply chain vendors.
- [Instructor] Cybersecurity is often about … defining and maintaining boundaries. … These can be on a large scale, … for example, … protecting a business's internal network … from the wider Internet, … or much smaller, for example, … putting firewalls and antivirus onto a laptop. … One of the biggest changes … in our approach to cybersecurity here … is the scope. … We have to imagine the boundaries … when we swap from securing a business in isolation … to securing that business in collaboration … with customers and suppliers. … So, we're looking at the security perimeters … businesses build, … how those change in the context of supply chain security, … and how that alters both how attackers … and cybersecurity professionals interact with the system. … Defense in depth is a traditional approach … to cybersecurity. … It's based on defensive mechanisms used in castles … for the past thousand-plus years. … The scope is easily defined. … The risk assessment chooses a virtual outer wall. …
- Recognize how business and technology together create a supply chain cybersecurity problem.
- Identify how cybersecurity defines and maintains boundaries.
- Analyze how common cybersecurity practices compare to supply chain security issues.
- Give examples of how cybersecurity is implemented throughout an organization.
- Differentiate between prescriptive-based requirements and goal-based cybersecurity, with an identified supply chain risk.
- Provide evidence for why communicating about cybersecurity between businesses can be daunting.