Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Management & Strategy

Supply Chain Cyber Risk: Your Digital Shadow is Getting Longer

Many of the most high-profile breaches have been a result of weak links in an organization’s supply chain. The cyber attacks on Target, Home Depot and the U.S. Office of Personnel Management (OPM) are just a few examples.

Many of the most high-profile breaches have been a result of weak links in an organization’s supply chain. The cyber attacks on Target, Home Depot and the U.S. Office of Personnel Management (OPM) are just a few examples.

In an era when organizations are sharing increasing volumes of digital information with suppliers and providing them access to their networks, this shouldn’t come as a surprise. Sophisticated adversaries are finding vulnerabilities wherever they can, and often that means looking to an organization’s partners for weaknesses in defenses. Using the partner as a ‘stepping stone,’ they gain access to their ultimate target.

No industry is safe from supply chain cyber risk. In its annual study of manufacturers, accounting and consulting organization BDO USA, found for the first time that cyber risk ranks among respondents’ top 10 risk factors. It’s also a concern in the maritime industry. In an effort to reduce risk to any organization that has an ocean cargo aspect to their supply chain, the new Intelligence Authorization Act of 2017 includes legislation to address cybersecurity at the 360 U.S. commercial seaports.

We all know that traditional defenses that focus on protecting the perimeter are no longer sufficient. Attackers are identifying new vulnerabilities by actively surveying your organization’s digital shadow, a subset of your digital footprint that consists of exposed personal, technical or organizational information that is often highly confidential, sensitive or proprietary. And as your supply chain gets longer so does your digital shadow, affording cyber criminals more opportunities to steal valuable data and launch devastating cyber attacks.

Cyber Supply Chain RisksOrganizations need a proactive approach to defend against targeted attacks by engaging in supply chain security and through greater cyber situational awareness.

SANS defines supply chain security as “a program that focuses on the potential risks associated with an organization’s suppliers of goods and services, many of which may have extensive access to resources and assets within the enterprise environment or to an organization’s customer environments, some of which may be sensitive in nature.” This begins with involving supply chain managers in cybersecurity, working with IT and security practitioners to identify which areas of their supply chain may be vulnerable to cyberattacks, and together establishing guidelines and controls for suppliers. Supply chain managers must then collaborate with their suppliers to help ensure they are following best practices in cybersecurity. And all of this must be done without disrupting supply chain operations.

Cyber situational awareness complements these efforts by providing organizations with an attacker’s eye view into information about themselves that is available online. It then alerts you to potential threats, instances of sensitive data loss, or compromised brand integrity. Using that information you can prevent, detect and contain cyber-related incidents.

Information is gathered by examining millions of social sites, cloud-based file sharing sites and other points of compromise across a multi-lingual, global environment spanning the visible, dark and deep web.

Cyber situational awareness provides relevant and contextual insight based on data that is company specific and pertains to the industry, company size and geography. Specific to supply chain security, this may even include information about key partners that bad actors could use to infiltrate an organization’s network. Cyber situational awareness also analyzes and provides information on which malicious actors might be targeting an organization, why and their methods of attack. This can be used to identify attackers that rely on tactics, techniques and procedures (TTPs) that involve supply chain partners.

Advertisement. Scroll to continue reading.

There are numerous examples of cyber attacks that stem from weaknesses in a supplier’s defenses. The Brisbane City Council in Australia reportedly suffered a $450,000 AUD loss due to a successful business email compromise attempt. Attackers reportedly posed as a supplier to the council via “legitimate-looking” emails and phone calls, and requested that payment details be changed, causing funds to be transferred to an attacker-controlled bank account. Awareness of these tactics can inform security efforts to train and educate employees.

Exploit kit developers are constantly looking to incorporate new exploits for the latest vulnerabilities in software like Flash, Java and Oracle. Many organizations use this software, so gaining awareness of the most commonly exploited vulnerabilities helps to prioritize patching procedures.

Clearly cyber situational awareness plays a critical role in helping organizations to understand what they need to do right now to stop attacks and mitigate supply chain risk. However, it can also be used strategically, to strengthen supply chain security by helping organizations to understand how to make the right investments for more effective defenses as their digital shadows get longer.

Written By

Alastair Paterson is the CEO and co-founder of Harmonic Security, enabling companies to adopt Generative AI without risk to their sensitive data. Prior to this he co-founded and was CEO of the cyber security company Digital Shadows from its inception in 2011 until its acquisition by ReliaQuest/KKR for $160m in July 2022. Alastair led the company to become an international, industry-recognised leader in threat intelligence and digital risk protection.

Click to comment

Trending

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Understand how to go beyond effectively communicating new security strategies and recommendations.

Register

Join us for an in depth exploration of the critical nature of software and vendor supply chain security issues with a focus on understanding how attacks against identity infrastructure come with major cascading effects.

Register

Expert Insights

Related Content

Application Security

Cycode, a startup that provides solutions for protecting software source code, emerged from stealth mode on Tuesday with $4.6 million in seed funding.

CISO Strategy

SecurityWeek spoke with more than 300 cybersecurity experts to see what is bubbling beneath the surface, and examine how those evolving threats will present...

CISO Conversations

Joanna Burkey, CISO at HP, and Kevin Cross, CISO at Dell, discuss how the role of a CISO is different for a multinational corporation...

Risk Management

The supply chain threat is directly linked to attack surface management, but the supply chain must be known and understood before it can be...

CISO Conversations

In this issue of CISO Conversations we talk to two CISOs about solving the CISO/CIO conflict by combining the roles under one person.

CISO Strategy

Security professionals understand the need for resilience in their company’s security posture, but often fail to build their own psychological resilience to stress.

Management & Strategy

SecurityWeek examines how a layoff-induced influx of experienced professionals into the job seeker market is affecting or might affect, the skills gap and recruitment...