Minimizing the risk of supply chain attacks – best practice guidelines

Credit to Author: Doug Aamoth| Date: Wed, 28 Apr 2021 10:00:29 +0000

The recent cyberattack on IT-monitoring company SolarWinds pushed supply chain weaknesses into the spotlight by highlighting just how unprepared many organizations are when it comes to defending against supply chain attacks. These attacks often happen because they don’t know where to start or don’t believe themselves important or high-profile enough to be targeted. In our [&#8230;]<img src=”http://feeds.feedburner.com/~r/sophos/dgdY/~4/21_LQ5JquEQ” height=”1″ width=”1″ alt=””/>

Read more

Securing your supply chain from third party risk

Credit to Author: Chester Wisniewski| Date: Wed, 03 Mar 2021 09:00:30 +0000

Supply chain security is becoming an ever more pressing concern for many businesses, yet it is a very complex problem to approach.   There are two primary methods of addressing these concerns. One is to attempt to assess the security of your suppliers and business partners; the other is to identify high risk interactions and implement compensating controls.  Assessing [&#8230;]<img src=”http://feeds.feedburner.com/~r/sophos/dgdY/~4/bmAH-BYFHXY” height=”1″ width=”1″ alt=””/>

Read more

Supply Chain Security 101: An Expert’s View

Credit to Author: BrianKrebs| Date: Sat, 13 Oct 2018 01:03:12 +0000

Earlier this month I spoke at a cybersecurity conference in Albany, N.Y. alongside Tony Sager, senior vice president and chief evangelist at the Center for Internet Security and a former bug hunter at the U.S. National Security Agency. We  talked at length about many issues, including supply chain security, and I asked Sager whether he’d heard anything about rumors that Supermicro — a high tech firm in San Jose, Calif. — had allegedly inserted hardware backdoors in technology sold to a number of American companies.

Read more