CYB 310 – Using Cyber Supply Chain Risk Management (C-SCRM) to Mitigate Threats to IT/OT

Course Overview

Using Cyber Supply Chain Risk Management (C-SCRM) to mitigate the risks associated with the distributed and interconnected nature of IT/OT product and service supply chains requires close coordination and information-sharing with reliable allies and constant monitoring for and evaluation of security risks and openings. Learners will gain a basic understanding of C-SCRM, including its central ideas, recommended procedures, and established norms. This course introduces how to create and execute effective C-SCRM strategies to safeguard their organizations’ IT and OT systems against cyber risks originating in the supply chain via a mix of theoretical understanding and real-world experiences.

On successful completion of this course, learners should have the knowledge and skills required to:

• Detect supply chain threats and vulnerabilities
• Evaluation risk as part of supplier selection
• Examine third-party security, practices, and protocols
• Leverage supply chain security standards and frameworks
• Develop incident response and recovery
• Use C-SCRM to manage contracts
• Mitigate insider threats and monitor systems