Amit Kaminer

Apr 6, 2021

Close Encounters of the Third Kind

Updated: Apr 11, 2022

Your closest supplier can become your biggest problem. Overnight. Are you prepared?

Most organizations are not prepared for a 3rd-party (supply-chain) cyber attack, and in today's hyper-integrated economy, that means ignoring a significant business risk. And those risks have never been higher.

Why? Because it makes sense for the attackers.

Why waste effort trying to hack a well-protected enterprise when you can quickly go through one of its suppliers? It also scales! The attackers gain access to multiple organizations through a single attack.

So don't wait for that 3 AM call from one of your suppliers telling you they have been hacked. Plan for it.

* Gain visibility into who your suppliers are. Some suppliers are obvious; some are not.

* Assess the cybersecurity posture of existing and new suppliers, and simulate your business impact, assuming they are breached.

* Educate your ecosystem on the importance of elevating their posture and demand thresholds to be met as part of doing business together.

* Facilitate a process that allows you to learn about incidents on your vendors' side as quickly as possible.

* Document suppliers' efforts to assess progress and compliance over time.

* Constantly monitor the landscape. Periodically is not enough.