Industrial Control Cyber Security Europe Conference | Cyber Senate industrial control critical infrastructure cyber security conference

Advanced 3rd Party Risk Management – Developing Trust Across the Supply Chain

Recent APT attacks affecting multiple sectors through a common attack surface have driven home the lesson that no matter how well we think we have secured our perimeters, our information and systems may still be vulnerable to attack through 3rd party systems with weak security controls. Individually we may all be resilient, but collectively we are not. As critical infrastructure relies more heavily on interconnectivity to function efficiently our mindset needs to evolve to consider cyber-vulnerability not as an individual, but a collective problem. Managing 3rd party risk runs deeper than many imagine and opens fundamental questions around the way we go about the business of building security into our systems and products. We can’t have a 360 degree view of supply chain security, but how can we move towards developing the trust and mechanisms to better support a collaborative approach to security with our suppliers, partners and interrelated sectors?

  • Nothing can be achieved in isolation – What are the barriers to meaningful collaboration between regulators, asset owners, integrators and vendors on mitigating cyber risk?
  • Do all parties concerned have a voice, and is it listened to?
  • Where might we be doubling our efforts and how can we streamline?
  • What work needs to be done around liability and mediation?
  • How are we faring with efforts to collaborate across the supply chain to develop fit for purpose standards regimes, audit compliance check lists and conformity assessments?

    avatar for Mo Ahddoud

    Mo Ahddoud

    Chief Information Security Officer, SGN
    Mo Ahddoud is a security expert who is currently serving as the Chief Information Security Officer at SGN, which manages and operates over 74,000 km of gas mains and services in Scotland and the south of England. Prior to coming to SGN, Mo acted as the International IT Security Lead… Read More →
    avatar for Marty Edwards

    Marty Edwards

    Managing Director. Former Director of the U.S. Department of Homeland Security’s Industrial Control Systems Cyber Emergency Response Team, Automation Federation
    Marty Edwards, a globally recognized industrial control systems cybersecurity expert and speaker, serves as Managing Director of the Automation Federation. ( The Automation Federation—an association of non-profit member organizations—is dedicated to… Read More →
    avatar for Dave Weinstein

    Dave Weinstein

    VP of Threat Research, Claroty
    Dave Weinstein is the VP of Threat Research at Claroty. Prior to joining Claroty, Dave was the Chief Technology Officer of New Jersey. He began his career as an operations planner at U.S. Cyber Command, where he served for three years.

By continuing to use the site, you agree to the use of cookies. more information

The cookie settings on this website are set to "allow cookies" to give you the best browsing experience possible. If you continue to use this website without changing your cookie settings or you click "Accept" below then you are consenting to this.


Newsletter Text

Stay Up To Date On Everything The Cyber Senate Is Doing. Click Here To Sign Up For Our Newsletter Today!