A single compromised engineer at a third-party supplier can bring down even the most security-mature organization. As digital supply chains grow larger, more complex and harder to see, the risks multiply. Effective supply chain security must be business-driven, not security-driven.

In this session, Jicheng Zhu of GLP will share insights on:

• How to map key business processes to IT systems and external suppliers to identify and tier your most critical supply chain players, building a bill of materials for your digital ecosystem;
• Why visibility is the foundation of supply chain security, and how maintaining a supplier inventory with vulnerability, dependency and ownership attributes enables faster, more effective risk response;
• How to build a tailored, tiered information security requirements framework for suppliers and continuously monitor residual risk with transparency to the business.