"Understand why your organisation should care about supply chain cyber security. Unless you understand what needs to be protected and why, it can be very hard to establish any meaningful control over your supply chain. In this step you will determine: Why might someone be interested in attacking your supply chain? Who are behind supply chain attacks, and what are their motives? What are the potential cyber threats that could cause harm to your organisation? What vulnerabilities could be exploited within your supply chain via a cyber attack? What is the impact on your organisation if?these vulnerabilities are exploited? Once this is understood in the context of your organisation, it becomes a lot easier to talk about and build a case for senior buy-in and investment to promote change around supply chain cyber security within the organisation.?" #security #securityriskmanagement #securitymanagement #securityrisks #enterprisesecurity #cybersecurity #physicalsecurity #informationsecurity #digitalsecurity #securityoperations #enterprisesecurityriskmanagement #securityassessment #intelligence #threatlintelligence #risk #riskmanagement #risk #risks #enterpriserisk #enterprisesecurityriskmanagement #intelligence #threatlintelligence #riskmanagement #riskanalysis #riskassessment #riskmanagementframework #operationalriskmanagement #projectriskmanagement #projectrisk #operationalresilience #resilience #operationalrisk #riskintelligence #governance #safety #safetyfirst #safetymanagement #safetyassessment #safetyrisks #safetyculture #safetyanalysis #personalsafety #workplacesafety #healthandsafety #hazard #danger #peril #threat #PPE #protectivesafety #workplacesafety #crisis #crisismanagement #complexity #chaos #crisisleadership #crisisplan #crisismanagementplan #stress #governance #decisionmaking #riskmanagement #riskinformed #securitymanagement #securityriskmanagement #resilience #humanfactors #emergency #disaster #emergencyresponse #securityprofessionals #supplychain #cyber #procurement #assurance
"‘How to assess and gain confidence in your supply chain #cybersecurity’ is aimed at procurement specialists, risk managers and cyber security professionals wanting to establish (or improve) an approach for assessing the cyber security of their organisation’s supply chain. It’s particularly suitable for medium to large organisations who need to gain assurance that mitigations are in place for vulnerabilities associated with working with suppliers. It can be applied ‘from scratch’, or can build upon any existing risk management techniques and approaches currently in use.?' #security #securityriskmanagement #securitymanagement #securityrisks #enterprisesecurity #cybersecurity #physicalsecurity #informationsecurity #digitalsecurity #securityoperations #enterprisesecurityriskmanagement #securityassessment #intelligence #threatlintelligence #risk #riskmanagement #risk #risks #enterpriserisk #enterprisesecurityriskmanagement #intelligence #threatlintelligence #riskmanagement #riskanalysis #riskassessment #riskmanagementframework #operationalriskmanagement #projectriskmanagement #projectrisk #operationalresilience #resilience #operationalrisk #riskintelligence #governance #safety #safetyfirst #safetymanagement #safetyassessment #safetyrisks #safetyculture #safetyanalysis #personalsafety #workplacesafety #healthandsafety #hazard #danger #peril #threat #PPE #protectivesafety #workplacesafety #crisis #crisismanagement #complexity #chaos #crisisleadership #crisisplan #crisismanagementplan #stress #governance #decisionmaking #riskmanagement #riskinformed #securitymanagement #securityriskmanagement #resilience #humanfactors #emergency #disaster #emergencyresponse #securityprofessionals #supplychain #cyber #procurement #assurance
#NIS2 compliance for European public and private sectors in fx energy, transportation, critical infrastructure, health