The Virtual Backdoor: Protecting Your Digital Supply Chain

Watch Now

To watch this webinar you’ll need an Infosecurity Magazine account. Log in or sign up below.

Log in
Sign up

Get up-to-the-minute news and opinions, plus access to a wide assortment of Information Security resources that will keep you current and informed.

This will be used to identify you if you take part in our online comments.

Your password should:

  • be at least eight characters long
  • be no more than 25 characters long
  • contain at least one uppercase, lowercase and special character
  • contain at least one digit
  • only contain alphanumeric characters or ~!@#$%^&*()_-+=?.

For more information explaining how we use your information please see our privacy policy.

By registering you agree with our terms and conditions.

Securing the digital supply chain has risen up the corporate agenda in light of increased reliance on outsourcing, largely influenced by cloud computing, mobile technology and a change in cybercriminal focus and behaviour.

Online criminals are increasingly looking to exploit smaller supplier organisations as opposed to the large corporate businesses sharing the data. These small suppliers often comprise of less than 250 employees, have a very small security staff (if any), immature security monitoring, tools or testing capability, and divergent priorities (namely trying to grow and stay in business) to protecting a larger organisation's data.
Last year's Target breach, which saw hackers gain remote access via the retailer's heating and cooling software supplier, has thrown the issue of supply chain security into sharp relief. In the Age of Information, businesses have had no choice but to become sprawling networks of interconnected third parties in order to effectively operate competitive and complex digital businesses. Target illustrates that lapse security in any one supplier can lead to a breach with catastrophic reputational, legal and ultimately economic consequences.
IRM often finds that clients spend vast quantities of their IT security budget bolstering internal network infrastructures and applications, without applying the same thorough examination to their vendor partners. Furthermore, when responding to a cyber-incident, integration of cyber risk management into supply chain management is almost always found to be limited, or has even been completely ignored.
This digital supply chain security webinar will address the following concerns and questions:
  • Third party risks are by no means a new phenomenon, but what changes and impact has cyber introduced into the risk environment?
  • Where does the line of responsibility for information and cyber security fall between the outsourcing business and its supplier?
  • What level of due diligence should be required prior to contract signing?
  • How realistic is it to require suppliers to adhere to equivalent standards applied by the outsourcing organisation?
  • To what extent does keeping the supply chain cyber-proof fall into procurement's domain?
  • How can business monitor the sensitivity/value of their data AND who is able to access it?
  • Why should businesses look to start building a supply chain cyber risk management programme?


Photo of Sean Arrowsmith

Sean Arrowsmith

Sales Director, Information Risk Management (IRM) PLC

Brian Harrison

Information Security & Assurance Senior Risk & Com

Photo of Conor McGoveran

Conor McGoveran

Chief Information Officer, Information Risk Management (IRM) PLC

David Rimmer

Head of Information Security, TDX Group

Should you watch this webinar your information may be shared with the sponsors indicated above. Please see Infosecurity Magazine’s privacy policy for more information.