Supply Chain Risk in the Cybersecurity Industry

User Generated

Dngnevrf

Business Finance

Description

Industry Risk Profile Part 2: Supply Chain Risk in the Cybersecurity Industry

For this paper, you will research and report upon the problem of Supply Chain Risk as it pertains to the cybersecurity industry. You will also investigate due diligence and other business processes / strategies which can be used to mitigate the impacts of supply chain risk for companies who produce and sell cybersecurity related products and services.

Research

Write

  • An introduction section which provides a brief overview of the problem of supply chain risk as it pertains to the cybersecurity industry.
  • A supply chain risks section in which you identify and describe 5 or more specific sources of supply chain risk which impact cybersecurity related products and services.
  • A due diligence section in which you address the use of diligence processes (investigating suppliers before entering into contracts) as a supply chain risk management strategy. Include 5 or more cybersecurity related questions which should be asked of suppliers during the due diligence process.
  • A best practices section in which you address 5 or more best practices for managing global supply chain risks in the cybersecurity industry. You must also provide an evaluation of the expected benefits from implementing each of these practices.
  • A summary and conclusions section in which you present an overall picture of the supply chain risk problem in the cybersecurity industry and best practices for managing supply chain risks.

Submit For Grading

Submit your case study in MS Word format (.docx or .doc file) using the Case Study #1 Assignment in your assignment folder. (Attach the file.)

Additional Information

  • Consult the grading rubric for specific content and formatting requirements for this assignment.
  • Your 5-8 page risk profile paper should be professional in appearance with consistent use of fonts, font sizes, margins, etc. You should use headings and page breaks to organize your paper.
  • Your paper should use standard terms and definitions for cybersecurity. See Course Content > Cybersecurity Concepts for recommended resources.
  • The CSIA program recommends that you follow standard APA formatting since this will give you a document that meets the “professional appearance” requirements. APA formatting guidelines and examples are found under Course Resources > APA Resources. An APA template file (MS Word format) has also been provided for your use CSIA_Basic_Paper_Template(APA_6ed,Nov2014).docx.
  • You must include a cover page with the assignment title, your name, and the due date. Your reference list must be on a separate page at the end of your file. These pages do not count towards the assignment’s page count.
  • You are expected to write grammatically correct English in every assignment that you submit for grading. Do not turn in any work without (a) using spell check, (b) using grammar check, (c) verifying that your punctuation is correct and (d) reviewing your work for correct word usage and correctly structured sentences and paragraphs.
  • You are expected to credit your sources using in-text citations and reference list entries. Both your citations and your reference list entries must follow a consistent citation style (APA, MLA, etc.).

User generated content is uploaded by users for the purposes of learning and should be used following Studypool's honor code & terms of service.

Explanation & Answer

Attached.

Supply Chain Risk in the Cybersecurity Industry

Supply chain in the cybersecurity industry is one of the most dynamic market. any second and
just overnight one can wake up to a whole new world totally different as it was a second ago.
Technology changes rapidly and it is not limited by the time factor. This rapid change has put
supply chain in this industry at a very high risk. Most companies do not manufacture all the
hardware and software they ue. It is realistically impossible forcing every company to outsource
at a given point. This has called for scrutiny of the risks in supply chain.
Security begins at home. As much as companies strive to prevent breaching of their security, the
torch has now been pointed in the direction of manufacturing industries in ensuring the products
they supply are safe to use. For that reason, investors have embarked on research on various risks
they are exposed to and how best to mitigate them. some of the risks include; physical, security,
hardware, and software.
Physical risks involve employees, even from the least of positions in a company. A janitor can be
used to plug in malicious hardware in the system leading to a hack. Moreover, employee details
such as log in passwords, badges they use to enter the premises, especially electronic cards and
the luggage they carry when entering and leaving work premises are sensitive areas that can
result to a risk.
Moreover, security is a sensitive area in supply chain. Most cybersecurity manufacturing
companies are not keen on the amount of information they share with their vendors. They also do
not make a follow up to know if this information is shared by the vendors vendor and to what
extent. Also, security of the product during transportation between the manufacturers and their
vendors has not been clearly defined whether the responsibility lies with the vendor or

manufacturer. Cisco's main worry is their products being replaced by counterfeit goods on transit
thus damaging their reputation.
In addition to that, the hardware outsourced can cause a breach of security in the final product
produced by the manufacturer. The manufacturers mostly fail to check whether the hardware
could be compromised as long as it serves the purpose it is intended for. Target hack was as a
result of a third party weak system.
Also, the poor practices in software coding are a major concern in the cybersecurity supply
chain. With the boom of finding almost everything that one needs online, instead of third parties
building codes from scratch, they buy and at times get for free online codes without checking if
they could be compromised.
with all these vulnerabilities, it calls for due diligence to be done on third party companies.
Before settling on a given supplier, they need to be vetted to ensure they have attained the
required certification to provide the goods and/or services required of them. There is also the
need for cybersecurity manufacturing companies t...


Anonymous
Excellent resource! Really helped me get the gist of things.

Studypool
4.7
Trustpilot
4.5
Sitejabber
4.4

Similar Content

Related Tags