Critical Infrastructure & Secured Cities (CI)

CI1-2 Cyber Supply Chain Risk

May 13, 2014

11:30 AM - 12:30 PM

Curtis KS Levinson 

Cyber Defense Advisory Subject Matter Expert for the U.S. at NATO

Supply chains are an essential part of our lives, although we don't often realize it. The water we drink comes from rivers, lakes or even the ocean. It is cleaned, processed and purified via many different steps in multiple locations. It is then delivered to us via pipes and we access it via faucets. Each of those steps is a supply chain.

Cyber space is composed of, and dependent on, supply chains. Our hardware and software are created in multiple locations by a multitude of suppliers and vendors. A single computer board may contain chips from many different nations, each with their own companies and manufacturing plant. Software is highly dependent on updates, which we receive mostly automatically and are directly incorporated in the software and systems we depend on daily. We as a technological society are getting more skilled at protecting our technology from cyber-attack by hardening our network perimeters, improving anti-virus/malware tools and encrypting everything we can.

The one thing we DO NOT do is evaluate what our cyber supply chain(s) are. We need to understand their importance to our daily tasks, to our lifestyles, and to our incomes. We need to begin looking into what our supply chains really are, understand their functionality and investigate ways to begin protecting them. Cyber supply chains are one of our most deadly vulnerabilities and we for the most part are totally unaware.

Session Learning Objectives:

  1. Understand the basic nature of cyber supply chain.
  2. Gain insight into cyber supply chain vulnerabilities.
  3. Learn how to begin protecting our cyber supply chains.

