Our website uses cookies

Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing Infosecurity Magazine, you agree to our use of cookies.

Okay, I understand Learn more

The Virtual Backdoor: Protecting Your Digital Supply Chain

Watch Now

To watch this webinar you’ll need an Infosecurity Magazine account. Log in or sign up for yours below.

Log In

Sign Up

Get up-to-the-minute news and opinions, plus access to a wide assortment of Information Security resources that will keep you current and informed.

This will be used to identify you if you take part in out online comments.
Your password should be at least six characters long. It is case sensitive. Passwords can only consist of alphanumeric characters or ~!@#$%^&*()_-+=?.

By registering you agree with our terms and conditions and privacy policy.

Securing the digital supply chain has risen up the corporate agenda in light of increased reliance on outsourcing, largely influenced by cloud computing, mobile technology and a change in cybercriminal focus and behaviour.

 
Online criminals are increasingly looking to exploit smaller supplier organisations as opposed to the large corporate businesses sharing the data. These small suppliers often comprise of less than 250 employees, have a very small security staff (if any), immature security monitoring, tools or testing capability, and divergent priorities (namely trying to grow and stay in business) to protecting a larger organisation's data.
 
Last year's Target breach, which saw hackers gain remote access via the retailer's heating and cooling software supplier, has thrown the issue of supply chain security into sharp relief. In the Age of Information, businesses have had no choice but to become sprawling networks of interconnected third parties in order to effectively operate competitive and complex digital businesses. Target illustrates that lapse security in any one supplier can lead to a breach with catastrophic reputational, legal and ultimately economic consequences.
 
IRM often finds that clients spend vast quantities of their IT security budget bolstering internal network infrastructures and applications, without applying the same thorough examination to their vendor partners. Furthermore, when responding to a cyber-incident, integration of cyber risk management into supply chain management is almost always found to be limited, or has even been completely ignored.
 
This digital supply chain security webinar will address the following concerns and questions:
 
  • Third party risks are by no means a new phenomenon, but what changes and impact has cyber introduced into the risk environment?
  • Where does the line of responsibility for information and cyber security fall between the outsourcing business and its supplier?
  • What level of due diligence should be required prior to contract signing?
  • How realistic is it to require suppliers to adhere to equivalent standards applied by the outsourcing organisation?
  • To what extent does keeping the supply chain cyber-proof fall into procurement's domain?
  • How can business monitor the sensitivity/value of their data AND who is able to access it?
  • Why should businesses look to start building a supply chain cyber risk management programme?

Speakers

Sean Arrowsmith

Sales Director, Information Risk Management (IRM) PLC

Brian Harrison

Brian Harrison Information Security & Assurance Senior Risk & Com

    Conor McGoveran

    Chief Information Officer, Information Risk Management (IRM) PLC

    David Rimmer

    David Rimmer Head of Information Security, TDX Group