Supply chain attacks are on the rise, and the high financial impact of these attacks has resulted in focused attention on supply chain security by CEOs, boards and auditors. In this whitepaper sponsored by Panorays, John Pescatore, SANS Director of Emerging Security Trends, covers:

SANS Report:
Success Patterns for Supply Chain Security

10 Critical Issues 
to ask In Your Vendor Security Questionnaires

In today’s perilous cyber world, companies must carefully check their vendors’ cyber posture, and the initial vetting of any third party typically begins with a comprehensive security questionnaire. 

But these can be a headache, because many questionnaires include hundreds of questions, and many of them are irrelevant. What are the key questions that must be addressed to determine if vendors have a strong cyber posture? 

Does customer data leave the vendor’s production systems under any circumstances?

Does the vendor support single sign-on? 

Does the vendor have an employee security awareness program?

Key processes, skills and technologies required for an effective supply chain security program

Patterns of success at companies that implement and operate effective and affordable supply chain security programs


Business-relevant metrics that demonstrate the value of a supply chain security program


Quick wins for getting started improving the security of your company’s supply chain

John Pescatore joined SANS as director of emerging security trends in January 2013 after more than 13 years as lead security analyst for Gartner, running consulting groups at Trusted Information Systems and Entrust, 11 years with GTE, and service with both the National Security Agency, where he designed secure voice systems, and the U.S. Secret Service, where he developed secure communications and surveillance systems and “the occasional ballistic armor installation.” John has testified before Congress about cybersecurity, was named one of the 15 most-influential people in security in 2008 and is an NSA-certified cryptologic engineer.

By clicking submit, I consent to the use of my personal data in accordance with Panorays Privacy Policy. You can unsubscribe from emails at any time, and we will never pass your email onto third parties.