Singuyen Vo explores continuous life cycle vigilance for OT supply chain risk management. He discusses threat-informed vetting, SBOM documentation and behavioral monitoring during operations.
As OT environments become increasingly interconnected, vulnerabilities within the supply chain pose some of the greatest risks to operational safety and resilience. Traditional one-time vendor questionnaires create false security, missing firmware threats and malicious insiders. Adversaries evolved from malware to destruction-focused attacks avoiding detection signatures.
Effective cyber supply chain risk management requires continuous life cycle vigilance beyond static compliance. This includes threat-informed vetting during selection, SBOM documentation requirements at onboarding, behavioral monitoring during operations, and immediate access revocation at offboarding.
The session, led by Singuyen Vo, CISO at ICAO, will explore:
- How to assess and quantify OT supply chain risk using threat intelligence and continuous monitoring;
- Why standardizing third-party risk management across all suppliers is essential for resilience;
- Where organizations can implement forward-looking policies and regulatory measures to protect supply chains.
Here is the course outline:
How to Propagate the Full Life Cycle of Supply Chain Management |
Completion
The following certificates are awarded when the course is completed:
 |
CPE Credit Certificate |
