Using Cyber Supply Chain Risk Management (C-SCRM) to mitigate the risks associated with the distributed and interconnected nature of IT/OT product and service supply chains requires close coordination and information-sharing with reliable allies and constant monitoring for and evaluation of security risks and openings. Learners will gain a basic understanding of C-SCRM, including its central ideas, recommended procedures, and established norms. This course introduces how to create and execute effective C-SCRM strategies to safeguard their organizations‚ IT and OT systems against cyber risks originating in the supply chain via a mix of theoretical understanding and real-world experiences.
Learning Objectives
Upon successful completion of this course, learners should have the knowledge and skills to:
- Detect supply chain threats and vulnerabilities
- Evaluate risk as part of supplier selection
- Examine third-party security policies, practices, and protocols
- Leverage supply chain security standards and frameworks
- Develop incident response and recovery
- Use C-SCRM to manage contracts
- Mitigate insider threats and monitor systems
Framework Connections
The materials within this course focus on the NICE Framework Task, Knowledge, and Skill statements identified within the indicated NICE Framework component(s):