(Supply-Chain) Risk Management according to ISO/IEC27036

Name: (Supply-Chain) Risk Management according to ISO/IEC27036
Rating: 3.8 (30 reviews)

Understanding Supply-Chain Information Security Risk Management

(30 ratings)

139 students

Created by Michael Goedeker

Last updated 8/2015

English

English [Auto]

What you'll learn

Understand Supply-Chain
Understand ICT Supply-Chain Risks
Understand how to address Information Security risks
Understand what ISO/IEC27036 is and how it links to the 2700X family

Requirements

Be curious

Description

Cyber threats, hackers, espionage and warfare are increasing the amount of successful attacks on critical infrastructure and companies of all sizes. We have technologies that are somewhat successful at blocking and stoping "some" attacks.

Amidst these threat vectors many people forget some of the most obvious targets like the supply chain and the security of data, information and IP as it leaves the outsourcing company (acquirer) to the supplier. An example of this type of attack is what happened to one of the biggest SIM manufacturers of the world Gemalto.

Supply chain risk management in its simplest form:

Concentrates on identifying supply chain information security risks and the likelihood of those risks being exploited by missing governance, processes and misunderstandings between acquirer and supplier
What types of risks are likely to a company or possibly a nation if supply chain risks and suppliers are not managed correctly
Help you identify which risks you have based on the type of supplier and more importantly which assets you need to protect
Choose mechanisms, processes and procedures that can mitigate and minimize some risks

Who this course is for:

Anyone involved in InfoSec, Risk Management, Supply Chain Management or Security

Michael Goedeker

Cyber Security Researcher, Author, Trainer, M.Sc. CISSP

4.4 Instructor Rating
16,884 Reviews
65,368 Students
10 Courses

Hi, my name is Mike and I have been working in the IT and Security space for more than 30 years. As a result of this long time in the security and technology industry I have amassed more than 15 separate certifications ranging from CISSP to more specific ones like SIEM Engineer. My academic life has seen multiple degrees and research as well from the apprenticeship all the way up to Doctoral Research for Heriot Watt University in Edinburgh and my Masters at Ulster University in Ireland.

I am an author of 5 books in English and 3 in German as well as multiple articles, reports and papers on topics ranging from Cyberbullying in Social Networks up to and including Nation State Cyber Warfare and Espionage.

Health-wise I have completed my Trainer Certification as well as Meditation, Fitness Instructor and also Tai-Chi Qi Gong training for relaxation, anti stress and other forms of holistic health practices.

My specialities are Security, Cybersecurity, Cyber Risk, Intelligence, IT Technologies, Stress, Risk Management, Business Leadership, Business Management / Economics, Doctoral Research, and Holistic Health.