The Cloud: challenges and solutions to ensure supply chain cyber security

June 25th
2020
at 17:00 CEST
1.5
hours
ABOUT webinar
Threats and Risks in the Cloud Supply Chain;
What cyber security controls should be applied to mitigate those risks?
How to assess cloud providers to ensure security of the end-to-end supply chain?
The recent vast shift to remote has defined further the growing tendency of companies to migrate to the cloud.
Our suppliers are no exception.

So how should we perform due diligence on our third parties and get assurance that their cloud assets are managed securely?

What practices and tools could be used to implement a holistic risk management approach? And how do we reduce the possibility of cyber security incidents coming from our supply chain?

TOPICS
to be discussed
OUR
speakers
Raj Samani - MODERATOR
Raj Samani is a McAfee Fellow and Chief Scientist at McAfee. His prior roles include VP and Chief Technology Officer, EMEA, at Intel Security/McAfee and Chief Information Security Officer for a large public-sector organisation in the United Kingdom. A leading international cybercrime expert, Samani has assisted multiple law enforcement agencies in cybercrime cases, and is special advisor to the European Cybercrime Centre (EC3/EUROPOL).
Mark Dillon
- 15 years experience in utilities (electric, water, other)
- 6 years experience operating/building ISPs
- 10 years experience in Municipal government
- College professor, frequent speaker, some other stuff

Topic:

General overview of cyber security concerns, mitigation and common strategies related to the Cloud
Jeffrey Batt
Jeffrey Batt is the Cyber Insurance Practice Leader at M&T Bank. He provides cyber insurance and risk consulting solutions to M&T's commercial customer base. In addition to insurance brokerage and product development, Jeffrey also leads client cybersecurity trainings and innovates quantification tools. Prior to joining M&T, Jeffrey was a Vice President in Marsh's Cyber Practice, and before that served as an Associate Deputy General Counsel at the U.S. Department of Defense for nearly six years. A graduate of the Georgetown University Law Center, Jeffrey also received a Certificate in Cyber Leadership from the DoD-affiliated National Defense University, and is currently an Adjunct Professor at the American University Kogod School of Business, where he teaches on cybersecurity governance.

Managing Cloud and Supply Chain Risk: A Security and Insurance Roadmap

  • Cloud-related cyber risks are multi-faceted and require a holistic risk management approach.
  • Particular attention should be paid to contractual indemnity language, and gauging vendor security practices.
  • Cyber insurance, and cyber risk quantification tools, are beneficial ways to manage this risk alongside more technical security solutions.

Steve Williamson
Steve leads the Information Security and Data Privacy Assurance team for GSK. He is accountable for providing assurance to the Board over the Information Security and Data Privacy enterprise risks. Steve has worked in IT for over thirty years. His background is in software engineering, and for the last sixteen years he has worked in Information Risk Management within GSK. In this time, he has fulfilled different leadership roles, and successfully delivered risk reduction programmes across the business, covering Application Security, Vulnerability Management and Cloud Security. Steve is a curious technologist, a Chartered Fellow of the British Computer Society and is active in a number of CISO networks. He is a regular conference speaker and is often asked to sit on expert panels.

What happens when our suppliers migrate to the cloud?

Companies migrate to the cloud in order to gain the benefits of fast provisioning, scalability and improved security. Fundamental to successful cloud adoption is a thorough understanding of the shared responsibility model. A lot of security is self-service in the cloud, and the Cloud Service Client is responsible for enabling many of the native security features and monitoring capabilities.

When we perform due diligence on our suppliers, we seek evidence that their on-premise infrastructure is secure. But how does that apply when our suppliers start migrating to the cloud? Having contractual terms which mandate our suppliers patch regularly and have a strong password Policy, but is that adequate for assuring data security in the cloud? If we want to have a secure end-to-end supply chain, we need assurance that our suppliers are managing their cloud assets securely. This presentation will look at some specific threats from using cloud services.

Follow Third Party & Supply Chain Cyber Security Summit on social media to stay tuned!
Register For Free
For General Questions
+420 234 280 783
webinars@giavirtual.com
Industry
Country
Join us live
At GIA Global Group we believe that deep personal connections are the key to driving your business & professional growth successfully and we invite you to check our annual live events to maximise your experience with us.
18th & 19th February 2021
Madrid, Spain

Third Party & Supply Chain Cyber Security Summit
Learn the best case studies on the end to end cyber security implementation practices when working with third parties to ensure a truly resilient and secure supply chain network at the 5th Annual Third Party & Supply Chain Cyber Security Summit.

  • How much of your data security is really under your control?
  • What is your risk management approach towards your suppliers?
  • How to secure your network and protect your sensitive data?

Led by the TOP information security professionals from leading companies the discussion will give you an opportunity to see the issue from the perspective of different industries & angles and identify the complex solution to be implemented.