Content written for

Small & medium business
Large organisations & infrastructure
Government

In today’s interconnected environment, the cyber security of your supply chain is as critical as your own.

Every organisation relies on external suppliers, manufacturers, distributors, contractors or retailers to do business. Malicious actors can gain access to your important networks and information through your cyber supply chain.

Managing cyber security risk arising from your supply chain is a critical component of your overall cyber security strategy.

Your organisation is only as strong as your supply chain’s weakest link. Take action on your cyber supply chain risk by:

  1. mapping your cyber supply chain dependencies
  2. measuring, setting and evaluating obligations with your suppliers
  3. managing access to your network and reviewing permissions
  4. mentoring businesses in your cyber supply chain.

Discover more resources below to help you manage your cyber supply chain.

Cyber supply chain risk management

All organisations should consider cyber supply chain risk management. If a supplier, manufacturer, distributor or retailer (i.e. a business that forms part of a cyber supply chain) is involved in products or services used by an organisation, there will be a cyber supply chain risk originating from that business. Likewise, an organisation will transfer any cyber supply chain risk it holds to its customers.

Choosing secure and verifiable technologies

The Australian Signals Directorate’s Australian Cyber Security Centre (ASD’s ACSC) and international partners have provided recommendations in this guide as a roadmap for choosing secure and verifiable technologies.

Identifying cyber supply chain risks

This guidance has been developed to assist organisations in identifying risks associated with their use of suppliers, manufacturers, distributors and retailers (i.e. businesses that constitute their cyber supply chain).

How to manage your security when engaging a managed service provider

Understand the actions organisations can take to manage the security risks posed by engaging and authorising network access for managed service providers.

Managed service providers: How to manage risk to customer networks

There are several mitigation strategies that managed service providers can implement to protect their own networks and manage the security risks posed to their customers’ networks.

Questions to ask managed service providers

Asking managed service providers the right questions can help organisations better understand the cyber security of their systems and the services they provide.

A Shared Vision of Software Bill of Materials (SBOM) for Cybersecurity

This joint guidance informs organizations about the advantages of integrating an SBOM. Adoption of an SBOM enables greater visibility across an organization’s software supply chain and enterprise system by documenting software dependencies.

Artificial intelligence and machine learning: Supply chain risks and mitigations

This guidance is intended for organisations and staff that deploy or develop AI or ML systems and components.
