Securing the Technology Supply Chain presented at BSidesAustin 2019

by Keith Turpin,

Summary : Supply chains can represent the biggest risk to many organizations. Current data shows that this is a commonly exploited vector of attack and that most organizations struggle to properly address the risks. Learning to secure the technology supply chain means understanding the risk inherent in subcontracting, knowing how attackers might take advantage of the business relationship and why your organization might be targeted. It also requires the security team to be tightly integrated with legal and other less obvious business groups. This presentation will provide an overview of the issues and guidance on building an effective program for your organization.