The book includes insights from the following experts:

  • Steven Parker, Chief Information Security Officer, TBC Corporation, Read the article >>
  • Alex Golbin, Global Head of Risk Assessments, IHS Markit, Read the article >>
  • Keith Donnelly, VP, Global Head of Risk & Compliance, Broadridge, Read the article >>
  • Arvin Verma, Cyber Risk Management Specialist – Vendor/Supply Chain Risk, PepsiCo, Read the article >>
  • Konrad Fellmann, Vice President and Chief Information Security Officer, Cubic Corporation, Read the article >>
  • Deneen DeFiore, Vice President & Chief Information Security Officer, United Airlines, Read the article >>
  • Lakshmi Hanspal, Global Chief Information Security Officer, Box, Read the article >>

7 Experts On Evaluating And Managing Supply Chain Risk was generously sponsored by bluevoyant.

Businesses depend on vendor and supply chain relationships to meet operational needs. These relationships range from noncritical services to services that are essential for normal operations critical functions and components integral to that business’ core value offering.
Companies inherit two kinds of potential cyber risk from their vendor and supply chain relationships. An attack on one or more supply chain partners can disrupt the supply chain itself, thereby putting normal business operations at risk. Or, a cyberattack can migrate from a supply chain partner’s network directly to the company’s infrastructure.
To learn more about how businesses manage risk from this increasingly popular attack vector, with the generous support of BlueVoyant, we reached out to seven security experts to ask the following question:

How do you evaluate and manage the third-party cyber risk that the vendors that make up your supply chain pose?

Not surprisingly, their answers varied as a result of their diverse industry backgrounds and the subsequent criticality of the supply chain relationships in those organizations and the criticality of supply chain relationships. There was a lot of common ground, too, in the recognition of this growing threat and, for some companies, the need to move from periodic vendor assessment to continuous assessment.
There is no zero-risk supply chain relationship, but there are ways to reduce risk. I’m sure security stakeholders will gain useful insights from this eBook about what companies are doing today and how they are responding to this growing risk.