Since the SolarWinds hack, it has become clear that you need to be aware of supply chain threats. In this blog, we explain what is going on.
Preparing your organisation against every possible kind of cyberattack is only a viable tactic if your suppliers and partners uphold the same high standards. If a SaaS supplier, for instance, falls victim to a hack or data breach, its customers are in danger as well.
A recent example of the actual risk to an entire ecosystem could be seen at the end of 2020 and the start of 2021. When security specialist FireEye discovered a nation state attack on SolarWinds, it had far reaching consequences. All around the world, companies and governments were put at risk because of vulnerabilities in one supplier’s security infrastructure. High profile victims included Microsoft, MalwareBytes and the United States Government.
Free (new!) white paper: UK companies are losing millions to cyberattacks, and what to do about it. Download it now!
What you can do
Protecting yourself from the risk posed by suppliers or partners can be extremely difficult: it is impossible to control or supervise their (critical) infrastructure and once an organisation has truly incorporated, for example, a SaaS solution, it has no other option but to trust in the solidity of their partner’s security.
Nevertheless, it is always possible to discuss a supplier’s defence mechanisms. It is every organisation’s duty to question new partners’ ways of working concerning cybersecurity – if a supplier is using outdated protocols, they have to be held accountable for endangering the ecosystem. Always ask which certifications they follow or whether they are educating their staff on new procedures and techniques.
Want to know more?
Find out about the latest trends in phishing and cyber threats. Download our new white paper today!
For more information on phishing, recognising and dealing with it, you can contact [email protected]
The Phished platform is available for a free 14 day trial.