Navigating Supply Chain Cyber Risk
A Comprehensive Guide to Managing Third Party Cyber Risk
1st Edition
Published on 22. April 2025
232 pages
978-1-040-32508-7 (ISBN)
Description
Cybersecurity is typically viewed as the boogeyman, and vendors are responsible for 63% of reported data breaches in organisations. And as businesses grow, they will use more and more third parties to provide specialty services. Typical cybersecurity training programs focus on phishing awareness and email hygiene. This is not enough. Navigating Supply Chain Cyber Risk: A Comprehensive Guide to Managing Third Party Cyber Risk helps companies establish cyber vendor risk management programs and understand cybersecurity in its true context from a business perspective.
The concept of cybersecurity until recently has revolved around protecting the perimeter. Today we know that the concept of the perimeter is dead. The corporate perimeter in cyber terms is no longer limited to the enterprise alone, but extends to its business partners, associates, and third parties that connect to its IT systems. This book, written by leaders and cyber risk experts in business, is based on three years of research with the Fortune 1000 and cyber insurance industry carriers, reinsurers, and brokers and the collective wisdom and experience of the authors in Third Party Risk Management, and serves as a ready reference for developing policies, procedures, guidelines, and addressing evolving compliance requirements related to vendor cyber risk management. It is unique since it provides strategies and learnings that have shown to lower risk and demystify cyber risk when dealing with third and fourth parties.
The book is essential reading for CISOs, DPOs, CPOs, Sourcing Managers, Vendor Risk Managers, Chief Procurement Officers, Cyber Risk Managers, Compliance Managers, and other cyber stakeholders, as well as students in cyber security.
The concept of cybersecurity until recently has revolved around protecting the perimeter. Today we know that the concept of the perimeter is dead. The corporate perimeter in cyber terms is no longer limited to the enterprise alone, but extends to its business partners, associates, and third parties that connect to its IT systems. This book, written by leaders and cyber risk experts in business, is based on three years of research with the Fortune 1000 and cyber insurance industry carriers, reinsurers, and brokers and the collective wisdom and experience of the authors in Third Party Risk Management, and serves as a ready reference for developing policies, procedures, guidelines, and addressing evolving compliance requirements related to vendor cyber risk management. It is unique since it provides strategies and learnings that have shown to lower risk and demystify cyber risk when dealing with third and fourth parties.
The book is essential reading for CISOs, DPOs, CPOs, Sourcing Managers, Vendor Risk Managers, Chief Procurement Officers, Cyber Risk Managers, Compliance Managers, and other cyber stakeholders, as well as students in cyber security.
Reviews / Votes
"In a world where cyber risks are ever-evolving, Navigating Supply Chain Cyber Risk by Ariel Evans, Ajay Singh and Alex Golbin emerges as a vital resource. This book provides a clear and comprehensive roadmap for understanding, mitigating, and responding to third party cyber risks. Whether you're a seasoned security professional or just starting out, Evans, Singh and Golbin's insightful guidance empowers you to navigate the complex digital landscape. Here's what particularly impressed me:Practical and actionable: Navigating Supply Chain Cyber Risk goes beyond theory, offering practical steps and real-world examples to fortify your defenses.
Accessible and engaging: The writing style is clear and engaging, making complex topics understandable for a broad audience.
Comprehensive coverage: This book delves into a wide range of third party cyber risks, from data breaches to malware attacks, providing a holistic view of the threat landscape.
If you're looking to build a resilient and secure digital environment, Navigating Supply Chain Cyber Risk is a must-read."
Dr. Yoav Intrator, Chief Product Officer, RiskQ
"In an era where digital threats loom large over the intricate web of global supply chains, Navigating Supply Chain Cyber Risk emerges as a beacon of insight and practical wisdom. This book makes essential reading for anyone looking to navigate the complex intersection of supply chain management and cybersecurity. With its clear explanations, real-world examples, and actionable strategies, it equips professionals with requisite tools to protect their critical operations against cyber threats. A timely and valuable contribution to the field."
Nagendra Aswatha, Asst. Professor, Operations & Supply Chain Management
More details
Edition
1. Auflage
Language
English
Place of publication
London
United Kingdom
Publishing group
Taylor & Francis Ltd
Target group
College/higher education
Professional and scholarly
Illustrations
14 Tables, black and white; 8 Line drawings, black and white; 8 Illustrations, black and white
File size
5,28 MB
ISBN-13
978-1-040-32508-7 (9781040325087)
Copyright in bibliographic data and cover images is held by Nielsen Book Services Limited or by the publishers or by their respective licensors: all rights reserved.
Schweitzer Classification
Other editions
Additional editions
Ariel Evans
Navigating Supply Chain Cyber Risk
A Comprehensive Guide to Managing Third Party Cyber Risk
Book
06/2025
Routledge
Unfortunately, price unknown
Available (delivery time upon request)
Ariel Evans | Ajay Singh | Alex Golbin
Navigating Supply Chain Cyber Risk
A Comprehensive Guide to Managing Third Party Cyber Risk
Book
04/2025
1st Edition
Routledge
€53.40
Shipment within 10-20 days
Ariel Evans | Ajay Singh | Alex Golbin
Navigating Supply Chain Cyber Risk
A Comprehensive Guide to Managing Third Party Cyber Risk
Book
04/2025
1st Edition
Routledge
€177.00
Shipment within 10-20 days
Persons
Ariel Evans is a senior cybersecurity expert, serial entrepreneur, and award-winning author. She is the chairperson of the cybersecurity continuing education programs at Seton Hall University and Pace University and has been on the front lines of cybersecurity as a former CISO, and Cyber Risk Manager.
Ajay Singh is a Professor of Practice, corporate advisor, Fellow at the Institute of Directors, Former CEO, and award-winning author.
Alex Golbin is a Senior Financial Services Executive with over two decades of leading Risk Management, Enterprise Resiliency, Operations and Technology Transformation, Global Technology, Business Process Improvement, and leveraging state-of-the-art technology.
Ajay Singh is a Professor of Practice, corporate advisor, Fellow at the Institute of Directors, Former CEO, and award-winning author.
Alex Golbin is a Senior Financial Services Executive with over two decades of leading Risk Management, Enterprise Resiliency, Operations and Technology Transformation, Global Technology, Business Process Improvement, and leveraging state-of-the-art technology.
Content
Part I: The Case for Supply Chain Cyber Risk Management, 1: The Extended Enterprise, 2: Know Your Supply Chain, 3: Notable Supply Chain Cyber Events, 4: Challenges in Vendor Cyber Risk Management, Part II: Vendor Cyber Risk Management- Regulations and Compliance, 5: Vendor Cybersecurity Regulations, 6: HIPAA and Vendor Cyber Risk Management, 7: General Data Protection Regulation (GDPR), 8: California Consumer Privacy Act (CCPA), 9: New York State Department of Financial Services (NYDFS) Part 500, 10: Defense Federal Acquisition Regulation Supplement (DFARS), 11: Frameworks and Certifications,12: Attestations and Assessment Utilities, 13: SOC 2 Report, Part III: Building the Vendor Cyber Risk Management Program, 14: Preparation, 15: Due Diligence, 16: Risk Assessments, 17: Vendor Risk Quantification, 18: The Role of Policy & Procedure, 19: Internal Audit, 20: Third-Party Vendor Audit, Part IV: Future Perspectives in Vendor Cyber Risk Management, 21: The Way Forward
