The Cyber Threatscape Report 2018 released by Accenture, predicts a broadening of cyber attacks against global supply chains as cyber-criminals, espionage and hacktivist groups continue to target supply chains and the strategic business partners for monetary, strategic and political gain.
Matan Or-El, Co-founder and CEO at Panorays:
“Accenture has recognized the rising threat of the supply chain. In fact, this past year has demonstrated that attackers are increasingly going after the organization’s weak spot – their suppliers – as an easier way to get into an organization. While evaluating the security risk emanating from a supplier, it’s important to understand the business and technological relationship between the supplier and the organizations. These relationships will not only define the level of risk, but will also help in understanding how to mitigate risk. For example, a certain third-party provider might process the organizations’ customer data while another third party may be outsourcing to a development firm holding the company’s IP. Both relationships need to be considered separately by the organization so that they can take the necessary steps to mitigate the risk posed by each supplier. For example, in the first case, the organization might be under regulatory requirements such as GDPR for European customer data. In the latter scenario, the company might consider steps such as code review and code sanitation controls to ensure the security of the components.”