How to minimize your exposure to supply chain attacks
Supply chain attacks are on the rise, and many organizations seem unsure how to respond to the threat, but I'm here to tell you that there are several steps you can take to minimize your risk of being involved in a supply chain breach.
To minimize any unknowns, start with a full audit of your IT environment, including any unapproved shadow IT. You need to understand exactly what hardware, software and SaaS products are being used, where the security gaps lie, and which vendors and partners your business relies on - including the nature of those interactions, from the types of data they process to system interfaces and various levels of integration.
How strong is your suppliers' security posture? What is their understanding of vulnerable areas, and how are they bolstering their defenses? Being specific with tailored questions will yield better results.
Each vendor in your portfolio should be able to explain how they are protecting themselves and their customers against attacks, including how they restrict access to systems and how they encrypt data.
Users must know how to spot suspicious activity - such as phishing emails - and they should always be strongly encouraged to report anything unusual, no matter how trivial it seems.
Contractual security language will not only protect your organization by having vendors abide by best practices - it will set the cadence for the entire relationship.
News URL
https://www.helpnetsecurity.com/2022/08/03/how-to-minimize-your-exposure-to-supply-chain-attacks/