What if a computer virus could bring down global supply networks? The impact could reach far and wide.
Given globalisation the role of suppliers, partners, vendors, affiliates and third-parties have increased in scale and interconnectivity. Most businesses today rely on a network of suppliers to deliver a portion of their product or service offering.
Supply chains are a soft target for attackers
Supply chains hold access to vast amounts of sensitive information about their partners and have become a target for cyber attackers focused on corporate espionage or financial gain. According to reports, supply chain attacks increased by 78 percent in 2018. It is also estimated that almost half of all cyber-attacks worldwide target supply chains.
Recently Denver-based Visser Precision, a supplier to several major defence companies like Lockheed Martin, Boeing, General Dynamics and Space X, was hit by a major ransomware attack. It is alleged that cyber-criminals also stole sensitive documents from the company.
If your business model is to operate on a global supply chain, then it is critical that as a business, you acknowledge that cybersecurity risks are part and parcel of the game. Here is some practical advice that can help you build a secure foundation for your global business.
- Identify and protect what data is most important to your organisation and prioritise. Determine what makes data important: Assess revenue impact and regulatory concerns.
- Conduct a detailed assessment of your current and potential exposure to third-parties. Would you trust these partners at face value and if you don’t trust them what would you do to ensure that you minimise your risk? Evaluate all possible risks including physical theft or tampering, service interruptions, malware or ransomware attacks, data infiltration or exfiltration, vulnerabilities in third-party software or applications.
- When businesses operate independently, they have better control over risks. When you add third-parties to the mix, your risk goes up exponentially. Hence it’s critical for organizations to ensure that their partners and suppliers are meeting security standards and adhering to security policies, regulations and procedures. Culled from https://www.infosecurity-magazine.com