CIMTK: Third-Party/Supply Chain Incident Management Plan

Supply Chain Attacks (also called 3rd Party Attacks) are becoming more common as the numbers of outsourced services increases and attackers see these as ways to circumvent your primary security barriers. When one of your suppliers are compromised you need to kick off several key urgent risk related tasks that we have summarized on this cheat sheet. Your immediate objective is to understand your exposure to them and any attacker leveraging their access and permissions into your network or cloud data. This sheet is used in the 4-lab deep dive on Supply Chain attacks, in LDR553: Cyber Incident Management, were we assess, investigate, plan, and document our response and risks. Even if you can’t make the course, you can still benefit from the structured high-level Incident Management Plan.

September 21, 2023
Third-Party Supply Chain/Supply Chain Incident Management Plan