Necessary Components of an Effective Cyber Supply Chain Risk Management (C-SCRM)
- TYPE: Session
- DATE: Tuesday, June 02, 2020
- TIME: 14:00-14:20
As recent, widely publicized revelations have shown, the risk of purchasing hardware and software with deliberately or accidentally built-in weaknesses is much higher than we could have estimated, but it is not the only element of supply chain risk. Supply chains can only be as strong as their weakest link. In a world where enterprises must focus on what they do best and outsource everything else, it is necessary to know these weak spots and to limit the risks arising from them.
However, supply chain risk management itself is a complicated process riddled with challenges:
- Selecting suppliers with a low risk profile: it is complex, expensive and inefficient to collect all the information needed to evaluate and quantify risks arising from internal processes and vulnerabilities within the supplier's organization.
- In a networked economy, the number of suppliers is increasing, and the time and resources needed to risk-assess them properly simply become too great.
- Most organizations underestimate these risks: cyber incidents happen every day, anywhere in a supply chain. Your supplier's threats add to your company's risk profile. Therefore, suppliers and their risks have to be continuously monitored.
- Cyber supply chain risks are multidimensional, with many different stakeholders involved and interfaces to privacy & data protection, risk management, compliance, controlling, and audit.
Building reliable continuous assessment strategies and processes for such a complicated topic is a massive undertaking. And yet, now is the right time to add C-SCRM to your core cybersecurity strategy. This session gives you an insight into the necessary components of C-SCRM, followed by a panel discussion with industry experts.