Do you have a supply chain or just vendors? Do any or all of them present a breach potential? We apply massive resources to hardening perimeters and preventing infiltration of our information security systems, but what if our adversaries have a built-in presence and already have a foothold in the software, hardware, people and process components we select to create our infrastructure from day one? In this session we will talk about scoping your supply chain and applying breach avoidance, response understanding and practices to the management of your supply chain. We'll define the various components of the supply chain and discuss its vulnerabilities from both a data breach and fraud perspective. We will also explain the various protection mechanisms and post event response best practices from a seasoned practitioner point of view.