DETECTING AND HANDLING SUPPLY CHAIN ATTACKS

Price:

From €990

Date:

Duration:

2 days

Level:

Intermediate

Image-empty-state.png

Trainer

Vladimir Dashchenko

Vladimir Dashchenko is a VP of Threat Intelligence at DeNexus. He has 10+ years of offensive and defensive security experience in different roles: penetration tester, vulnerability researcher and security analyst.
Vladimir started his career at the Federal Space Agency in Russia as a security engineer. He was also leading Kaspersky ICS CERT Vulnerability Research team and doing various projects on ICS/IoT/Automotive security.
You might see his name mentioned in security advisories or ‘Halls of Fame’ by different world known vendors, such as Siemens, Schneider Electric, Rockwell Automation, Gemalto, BMW, etc

About the training

According to Accenture, up to 40% of cybersecurity attacks are now occurring indirectly through the supply chain. Supply chain attacks may not yet be as common as traditional attack vectors, but their complexity and impact is significantly higher. SolarWinds still dominates the headlines, and more ongoing attacks like this one will undoubtedly emerge in the near future.

So what can we do to spot and stop supply chain attacks? Familiarise yourself with a proven set of essential procedures, tools and technologies, contract requirements and general awareness proven to minimize risk:

- Supply Chain and Trusted Partners: definitions, examples and differences
- Well known and lesser known examples of SC&TP attacks
- Usage of TTPs based on MITRE ATT&CK mapping
- Current state of SC&TP Security Standards and Frameworks: how to assess SC&TP security using existing approaches
- How to identify which business areas should be considered and monitored for SC&TP security
- How to identify which existing tools/solutions/procedures/people/roles cover those business areas

This training also incorporates key steps to build your SC&TP Cyber Security Monitoring Framework, and uses different practical and problem-solving tasks to aid understanding of the learning content covered.

Key takeaways:
- Gain a solid understanding of the most up to date snapshot of cyber security for Supply Chain and Trusted Partners
- Essentials skills for defining which business areas in your company and environment should be covered when you build SC&TP cybersecurity
- In depth understanding of cross-standard SC&TP cyber-security assessment: identifying which security standards you might use to protect your assets
- Access to an expert-recommended set of commercial and open-source tools covering a range of SC&TP cybersecurity to protect your assets
- Practical and strategic knowledge on how to better protect your organization against SC&TP attack vectors
- Ready to use HOWTO steps to build or enhance your own SC&TP cybersecurity framework

Recommended for: Risk Management roles, OT Management companies, System Integrators, IT/OT Security Managers