Supply Chain/Third Party Breaches – Your New #1 Highest Cyber Risk

For years the security community has viewed internal resources as presenting the greatest cyber risk to an entity. In 2021, shortly on the heels of the much-publicized SolarWinds breach, as well as many other supply chain/third party cyber breaches, it can be argued that supply chain/third parties now represent a greater cyber risk than insiders. This poses an extremely difficult problem to address given the number of third parties providing technology services to critical infrastructure entities and the nature of the services provided by the third parties. Even a mid-sized electric distribution utility can have more than 30 vendors that provide critical technology services and/or have access to the utility’s key systems – greatly increasing the entity’s attack surface, and the number of potential attack vectors, which can lead to a damaging breach. Read more Supply Chain/Third Party Breaches – Your New #1 Highest Cyber Risk