Risk can be tricky to evaluate when working within a supply chain. In this video, learn how to identify who holds risk, responsibility, or control in your supply chains.
- [Instructor] Part of the problem with cybersecurity … is that it relies on creating boundaries. … But those boundaries depend on … controlling a number of factors, … some of which will have been shared … or outsourced to suppliers. … Owning the supply chain cybersecurity problem … will mean different things to different people. … There's three main requirements for managing risk. … Firstly, the actual risk we're worried about. … Secondly, there's the responsibility for the security. … And third, the control of the IT system platforms, … or people, that the security measures involve. … So let's look at an example organization. … Quite a large organization, … they have their own tower block … and obviously they're connected to the internet. … They might have satellite offices, … which to the casual observer look … like they're connected separately to the internet, … but most multi-site organizations will now be using VPN … so the computers are isolated from the wider internet … and they all think that they're actually in the same office. …
- Comparing organizational and supply chain cybersecurity
- Cyber threats in the supply chain
- Cybersecurity across large, medium, and small organizations
- Evaluating cyber risk
- Improving supply chain cybersecurity