Supply chain cybersecurity: Pain or pleasure?

2022-01-07 05:30

While it is common for IT departments to assess the official suppliers that a company might use for areas such as cloud services, it remains a longstanding business challenge to monitor the cybersecurity risks from suppliers across a company's whole supply chain.

Cyber attacks have become so advanced that the starting point of an attack is often not the primary target, but the weakest part of the underlying supply chain.

Of even greater risk is that manual processes make it harder for organizations to gain an overall picture of where cyber risks sit in the supply chain.

Worse still, systemic risks across the supply chain may leave the organization exposed to a catastrophic cyber event.

Again, the supplier assurance team can timetable and manage these ongoing reviews and focus on the governance of third-party risk - whether cyber, continuity, financial or regulatory - but executed by those with the domain expertise to speak with their counterparts in the supply chain.

Taking a formulated and strategic approach to managing supply chain cybersecurity and wider compliance issues, creates an environment where the different teams involved in supplier risk start to use shared information systems to record and visualize supplier risks.

News URL

https://www.helpnetsecurity.com/2022/01/07/supply-chain-cybersecurity/

#cybersecurity #supplychain