Nanotechnology, Behavior & Supply Chains: Managing Risk at a Platform Level
#RSAC

Platform
  platform /platfrm/
  A group of technologies that are used as a base upon which other applications, processes or technologies are developed.

Platforms are Everywhere

  Lawmakers/Regulators
  Cloud Providers
  Employees/Consultants

  Unaccounted for Risk
  Indicia of Trust
  Closing Trust Gaps

Cloud is a Foundation for the Platform Revolution
  IaaS, PaaS, CaaS, DaaS, SaaS, STaaS, ITaaS, NaaS, DbaaS, DRaaS, SECaaS, HaaS, MaaS

Accountability Demands Verification
  Check & Verify
  Technology & Operations
  Accountability & Integrity

Accountability Requires Visibility

How Many Cows Are In a Burger?

What is Lurking In the Shadows?

TRUST

TRUST
  YOU CAN'T
  WHAT YOU CAN'T
  PETER DRUCKER

End-to-End Value Chain Security
  SUPPLY, DELIVERY, SERVICE
  Security: Tainted Solutions, Counterfeited Parts
  Quality: Noncompliant Products, Nonconforming Parts
  Layers: Information Layer, Behavioral Layer, Logical Layer, Physical Layer, Technical Layer
  SAFETY, REVENUE, UPTIME

Can Trust Scale?
  CLASSIFIED, EMBEDDED ID, ENCRYPTED RFID, DNA TAGGANTS, SECURITY INK, RFID, HOLOGRAMS, BARCODE/QR, PAPER
  SCALE
  Building TRUST
  Human Accountability
  Identity of Things

What Will Identity Look Like in the Future?
  Single item serialization
  Down to component level
  Cradle to grave
  Secure by design

Achieve Accountability
  Verifiable / Auditable
  Immutable supply chain data
  Incentivize positive behavior
  Create human-centric policies

TRUST = the RIGHT Security RIGHT Place RIGHT Time
  End-to-end multi-tier unifying architecture
  Address needs & constraints of different stakeholders in the value chain
  Empower every node in the product lifecycle ecosystem
  Evolving & dynamic rollout
  TRUST: Package, Product, Assembly, Component

Take the Stakeholder's Perspective
  SUPPLIER
    Demonstrate Quality & Compliance
    Distribution & Service Network Monitoring
    Downstream Product Tracking
  BUYER
    Manage Quality & Compliance
    Efficient Sourcing Qualification
    Upstream Component Validation

Third Party Threats & Threat Impacts
  Threats: Manipulation, Espionage, Disruption
  Threat Impacts: Tainted HW, Counterfeit, IP Misuse, Information Security Breach

An Adaptable Security Architecture
  Personnel Security
  Security in Manufacturing & Operations
  Third-Tier Partner Security
  Security in Service Management
  Security in Logistics & Storage
  Information Protection
  Security Engineering & Architecture
  Physical & Environmental Security
  Security Incident Management
  Asset Management

An Architectural Layered Approach
  Information Security
  Behavioral Security
  Technical Security
  Physical Security
  Logical Security

Steps to Manage Risk at the Platform Level
Apply what you have learned:
  Identify and list the security assumptions about your platforms
  Define the security requirements for your assets
  Seek a robust thread of trust across your platform's value chains
  Work together with your 3rd party partners to deploy effective solutions to ensure that verifiable TRUST is achieved

Transparency and Trust