1

Supply Chains At Risk: Is There A Way Out?

Désolé, cet article est seulement disponible en Anglais et Russe. Pour le confort de l’utilisateur, le contenu est affiché ci-dessous dans la langue par défaut du site. Vous pouvez cliquer l’un des liens pour changer la langue du site en une autre langue disponible.

The question that keeps the CISO awake is: How do we ensure reliable cybersecurity along the entire supply chain? A series of high-profile cyberattacks this year has only underscored the importance of this topic.

If you have kids, you may be familiar with the online game Among Us. In it, players run around a space station and complete missions – until one of them gets killed. Then the remaining players have to guess which one of them is the killer and wreaks havoc. About the same thing happens now with cyberattacks on supply chains. From CloudHopper to SolarWinds, businesses have seen how email fraud and account compromise is taking down entire systems. What’s alarming is that companies can no longer rely solely on their security systems. Attackers only need to break through the protection of one company in the supply chain, and the door to everyone else in it opens.

The close interconnectivity between companies only plays into the hands of cybercriminals. When companies share data and assets, their vulnerabilities only multiply. This process can be compared to the dominoes falling one by one.

 

How do criminals work?

The main method cybercriminals use to attack supply chains is to pretend to be someone else. Cybercriminals can spend months tracking employees’ social media accounts and company press releases to get into the details of the supply chain. Then, they determine where they can slip in to trick employees, redirect invoices or induce employees to participate in phishing scams.

As large companies more often hire cybersecurity teams that can assess and contain the risk of such attacks, criminals are increasingly targeting smaller players. It’s the smaller companies that can give attackers that precious key to the massive data of global companies.

If ten years ago only the most sophisticated cybercriminals, usually sponsored by hostile governments, could disable national infrastructure and global businesses, now things have changed. According to the National Cyber Security Center, individual hackers carrying out ransomware attacks pose a greater threat to national security than ever before.

 

Is it possible to have reliable cybersecurity along the entire supply chain?

Anything is possible if all companies recognize their shared responsibility for supply chain cybersecurity. Everyone’s top priority is to ensure their security to protect stakeholders, customers, and customers. However, according to the DCMS 2021 study, only 12 percent of British businesses reported cybersecurity risk from their suppliers.

That is a sobering statistic that reflects a general disregard for cybersecurity on the part of senior executives. CISOs regularly express concern about the lack of resources.

Cybersecurity compliance assessments throughout the supply chain should be an integral part of every business operating in today’s online world, and suppliers need to have at least minimal cybersecurity requirements.

The fact is, the weakest link determines supply chain security, and we must not forget that.

 

Source: ComputerWeekly

Related Posts

card__image

What Is Social Engineering?

Désolé, cet article est seulement disponible en Anglais et Russe. Pour le confort de l’utilisateur, le contenu est affiché ci-dessous dans la langue par défaut du site. Vous pouvez cliquer l’un des liens pour changer la langue du site en une autre langue disponible. Social engineering is the art of manipulating, influencing, or deceiving to […]

card__image

TOP Misfortunate Passwords Of Fortune 500 Companies

Désolé, cet article est seulement disponible en Russe. Pour le confort de l’utilisateur, le contenu est affiché ci-dessous dans une autre langue. Vous pouvez cliquer le lien pour changer de langue active. Эксперты компании NordPass назвали самые неудачные пароли компаний из списка Fortune 500.   Исследователи проанализировали общедоступные базы скомпрометированных паролей, которые затронули компании из […]

Laisser un commentaire

Votre adresse e-mail ne sera pas publiée. Les champs obligatoires sont indiqués avec *