))
Who is Responsible for Securing the Supply Chain? Managing Liability for Supply Chain Attacks
Manage episode 310321593 series 3052259
Treść dostarczona przez Makala Barsolona and Britton Burton | Sr Director of Product Strategy. Cała zawartość podcastów, w tym odcinki, grafika i opisy podcastów, jest przesyłana i udostępniana bezpośrednio przez Makala Barsolona and Britton Burton | Sr Director of Product Strategy lub jego partnera na platformie podcastów. Jeśli uważasz, że ktoś wykorzystuje Twoje dzieło chronione prawem autorskim bez Twojej zgody, możesz postępować zgodnie z procedurą opisaną tutaj https://pl.player.fm/legal.
Another colossal cyber-attack on the global supply chain took place this month, which saw over 1,500 businesses infected with ransomware via a breach of a third-party vendor, Kaseya. The breach comes on the heels of other large-scale supply chain attacks against SolarWinds, Microsoft, and other major third-party vendors.
This brings critical questions to the forefront for our industry: who is accountable for supply chain breaches and who owns the risk?
In this CyberPHIx episode, we attempt to answer these questions during this engaging podcast interview with Eric Zematis, Chief Information Security Officer of Lehigh University.
Eric discusses approaches for managing liability for supply chain attacks including business accountability and communication, cyber liability insurance, third-party vendor obligations, and government intervention.
Highlights of the discussion include:
- Managing and communicating third party risk with the business
- Accountability for the business in oversight and management of vendor risk
- The history and evolution of cyber liability insurance
- Cyber liability policies and coverage considerations
- Supply chain vendor accountability before, during, and after breach events
- Government accountability and roles in combatting supply chain cyber attacks
- Standards organizations and resources for managing supply chain risks
99 odcinków
Udostępnij
