“A series of high profile, very damaging attacks on companies has demonstrated that attackers have both the intent and ability to exploit vulnerabilities in supply chain security. This trend is real and growing. So, the need to act is clear.” – National Cyber Security Centre (NCSC)
There could hardly be a clearer assertion of supply chain cyber risk than this statement from NCSC.
Most businesses are well acquainted with the consequences of working with suppliers who are just not very good at what they do. But how well do they understand the consequences of working with previously dependable suppliers who, if compromised, could actually become downright dangerous?
This is a seismic shift in mindset, but it can only start to drive real security change if there is an accompanying understanding of which suppliers typically and specifically present which degree of risk – and where, therefore, defensive resources need to be focused in greater or lesser concentration.
Download full article here