📝 General Introduction 

As organizations increasingly rely on digital systems to manage procurement and logistics operations, the need for robust information security becomes critical. These functions involve the exchange of sensitive data—contracts, supplier credentials, pricing structures, and shipment details—across internal and external networks.

Without proper safeguards, this data is vulnerable to cyberattacks, manipulation, and unauthorized access, which can disrupt supply chains, damage reputations, and result in financial losses. This 5-day workshop is designed to equip professionals with the knowledge and tools to protect information assets within procurement and logistics environments. Participants will explore cybersecurity fundamentals, risk analysis, access control, incident response, and compliance frameworks.

Through interactive sessions and practical exercises, attendees will learn how to build secure operational systems, respond to threats effectively, and foster a culture of cybersecurity across their teams. By the end of the program, participants will be prepared to lead secure, resilient, and trustworthy procurement and logistics operations.

🎯 Target Audience

• Procurement and contract officers
• Logistics and supply chain managers
• Information security and IT professionals
• Compliance and internal audit teams
• Business consultants in public and private sectors

🎯 Expected Objectives

• Understand the fundamentals of information security in procurement and logistics
• Analyze cybersecurity risks related to data exchange and contract management
• Apply data protection and privacy policies effectively
• Manage security incidents and emergency responses
• Promote a cybersecurity culture across operational teams

📚 Scientific Topics:

Axis 1: Fundamentals of Information Security in Procurement and Logistics

Session 1: Cybersecurity Concepts in Operational Environments

• Definition and goals of information security
• Common threats in procurement systems
• Importance of securing logistics data

Session 2: Digital Infrastructure in Procurement

• ERP and SCM systems and their vulnerabilities
• Data exchange points and weak links
• Challenges in securing electronic contracts

Axis 2: Risk Analysis and Access Management

Session 1: Assessing Cybersecurity Risks in Supply Chains

• Risk classification by source and impact
• Cyber risk analysis tools
• Prioritizing protection strategies

Session 2: Access Control and Privilege Management

• Secure access policies
• Two-factor authentication and login protocols
• Protecting accounts and systems from misuse

Axis 3: Data and System Protection

Session 1: Data Encryption and Secure Communication

• Encryption types used in procurement
• Securing emails and transactions
• Protecting internal and external networks

Session 2: System Defense Against Cyberattacks

• Types of cyber threats (ransomware, phishing, etc.)
• Early detection and response tools
• System updates and vulnerability management

Axis 4: Incident Management and Emergency Response

Session 1: Handling Security Incidents

• Steps for incident response
• Documentation and analysis of breaches
• Internal and external communication during crises

Session 2: Building an Emergency Response Plan

• Scenario planning and simulations
• Forming response teams
• Periodic review and updates of the plan

Axis 5: Compliance and Cybersecurity Culture

Session 1: Compliance with Standards and Policies

• International standards (e.g., ISO 27001)
• Organizational data protection policies
• Internal audits and security reporting

Session 2: Promoting Cyber Awareness in the Workplace

• Training operational teams
• Awareness campaigns and education
• Building a sustainable cybersecurity culture