Close Encounters of the Third Kind

Updated: Jul 5

Your closest supplier can become your biggest problem. Overnight. Are you prepared?


Most organizations are not prepared for a 3rd party (supply-chain) cyber attack, and in today's' hyper-integrated economy, it means ignoring a significant business risk. And those risks have never been higher.


Why? Because it makes sense for the attackers.


Why waste efforts trying to hack a well-protected enterprise when you can quickly go through one of its suppliers. It also scales! The attackers gain access to multiple organizations through a single attack.


So don't wait for that 3 AM call from one of your suppliers telling them they have been hacked. Plan for it.


* Gain visibility to who your suppliers are. Some suppliers are obvious; some are not.


* Assess existing suppliers and new suppliers' cybersecurity posture and simulate your business impact, assuming they are breached.


* Educate your ecosystem on the importance of elevating their posture and demand thresholds to be met as part of doing business together.


* Facilitate a process that allows you to learn about incidents on your vendors' side as quickly as possible.


* Document suppliers' efforts to assess progress and compliance over time.


* Constantly monitor the landscape. Periodically is not enough.



Recent Posts

See All