Supply chain has caused many cybersecurity incidents in recent years, but the situation may be more complex than imagined. In addition to information technology departments needing to pay attention to information security when purchasing hardware and software equipment. There may also be cybersecurity issues in human resource, general affairs, and even marketing and customer service units. The introduction of IoT devices, cloud services, and outsourcing of data processing can all potentially cause serious cybersecurity incidents.

Before purchasing any services or products, the owner should have appropriate cybersecurity awareness and regulations to require the supplier to ensure the overall process's cybersecurity protection capabilities. Similarly, the supplier should also have independent requirements to ensure the safety and quality of the products and services provided. From supplier selection, acceptance to long-term maintenance cooperation, all are important procedures for supplier cybersecurity management.

We will analyze the roles and rights and obligations between owners and suppliers from the perspective of cybersecurity. Through actual cases, the respective rights and obligations of owners and suppliers. This will help listeners to better understand how to prevent cybersecurity threats from the supply chain.