CISSP Hustle and Flow Episode 8: Mastering Supply Chain Risk Management and Security Awareness

Episode 9: Mastering Supply Chain Risk Management and Security Awareness

In this episode of CISSP Hustle and Flow, we explore two essential aspects of information security: Supply Chain Risk Management (SCRM) and establishing an effective Security Awareness and Training Program. We discuss the growing risks posed by third-party suppliers, product tampering, and how to mitigate these dangers with third-party assessments, minimum security requirements, and tools like Software Bill of Materials (SBOM).

We also dive into techniques for engaging employees in security training, from phishing simulations and gamification to appointing security champions. Learn how to keep your workforce aware of modern threats like cryptocurrency, AI-driven attacks, and blockchain vulnerabilities.

Key takeaways include:

• Identifying and mitigating supply chain risks, including product tampering and counterfeit hardware
• Building a comprehensive security awareness program with phishing simulations and gamification
• Keeping training content relevant with emerging technologies
• Measuring and refining the effectiveness of your security training

Stay secure, stay ahead, and let’s dive into these crucial topics for any modern organization.