Purchasing News Hubb
Advertisement
  • Home
  • Procurement
  • Supply Chain
  • Contact us
No Result
View All Result
  • Home
  • Procurement
  • Supply Chain
  • Contact us
No Result
View All Result
Purchasing News Hubb
No Result
View All Result
Home Supply Chain

What we have learned from the most severe supply chain cyber attacks

admin by admin
August 29, 2022
in Supply Chain


Pixabay

In the modern world of business, outsourcing has become increasingly popular due to its multitude of benefits; from cost-saving to accessing specialized skill sets and resources. Every major business is therefore likely to be part of a complex supply chain of third parties that depend on the delivery from one another. This business strategy, however, means that if one part of the system fails, the entire ecosystem can collapse. The COVID-19 pandemic and its waves of social isolation have increased our reliance on digital tools and the use of cloud-based technologies for data storage, therefore dramatically increasing the opportunity for cyberattacks. Recent research by IBM found that in 2022, the cost of a data breach averaged US $4.35 million, which is the highest it has been since IBM had begun reporting almost two decades ago. Threat actors have sharpened their tactics and have shifted their attention to vulnerable vendors within an organization’s supply chain, stressing the need for business teams to adopt sophisticated risk management tools.

Human error as a common denominator

Calculations by Gartner have recently predicted that by 2025, 45% of organisations globally will have suffered an attack on their software supply chain. Unfortunately, human error continues to feature in most reported data breaches. Over and over, we hear stories of archaic risk reporting methods consisting of never-ending email chains, outdated excel sheets and worm-holes of desktop folders. Risks and vulnerability detection within the vendor tail begin to sit within a blind spot that slips under the radar and is only detected once it is too late.

On the surface, supply chain attacks appear as isolated and unfortunate incidents. However, they are actually a symptom of deep-set, interconnected flaws within the supply chain ecosystem. Supply chain attacks are unique in that they can take months to succeed, as threat actors lay low within networks that they have broken into, waiting for the opportunity to target high-value data. The European Union Agency of Cybersecurity found that 58% of supply chain incidents predominantly targeted customer data. This exploitation inflicts irreversible damage on the customer-supplier relationship.

Overwhelmed risk management teams

Unnecessary manual processes conducted by vendor management teams restrict business growth, as the workforce is overwhelmed and overstretched beyond their capabilities. This issue results in an “alert fatigue“, where existing security teams are flooded with security breach alerts and warning signs, and only left with the capacity to prioritize vendors that represent the greatest risk to the organization. Teams require intelligent tools that automate risk surveys and integrated risk tracking, which will then empower the organization to deal with the risk at hand rather than waste valuable time detecting it.

The solution

Fortunately, cybersecurity threats do not have to be an inevitable fate that organizations must face. Luckily, there are top-of-class technologies designed to uplift the manual workload of your vendor management team so that they can focus their valuable time on resolving threats rather than detecting them. Brooklyn Vendor Assurance’s E-Meet is an automated vendor management capability that enables teams to proactively contain cybersecurity risks far down the vendor tail; for smaller suppliers that lack regular governance from supplier managers who are dedicated to larger, more material-outsource relationships. The capability goes a step beyond generic survey tools that solely retrieve your data by uncovering what’s valuable within your survey results and acting upon the data with automated workflows and risk detection. Our advanced risk tracking measures are woven into the fabric of the organization and all future processes as they are contextualized against business governance and structure. For UK/European financial services firms, E-Meet is automatically compliant with PRA/EBA Policies, so that your company can remain fit-for-audit whilst executing top-priority tasks.

In fact, recently a large retailer customer of Brooklyn detected, managed and mitigated the Log4J threat across hundreds of their suppliers in the distant vendor tail – all hands-free, with no direct interaction, unless and until a digitized risk managed policy was far underway through Brooklyn; E-Meet automation and it was time to bring in the Infosec human experts, with facts in hand and first steps done via automation.

Centralized visibility is a vulnerability within the supply chain that affects all facets of an organization and should therefore be integrated into the supply chain profile into a color-coded system that can be interpreted at a glance. E-Meet collates all vendor feedback and funnels the data into a central scoring mechanism.

Brooklyn Vendor Assurance is constantly evolving and improving, as we regularly consider our user feedback and build new functionalities to stay ahead of market needs and empower our users to maintain relationships with their supply chain.

Do you want to protect your organization from future cybersecurity threats? Request a demo, or get in touch at info@brooklynva.com.



Source link

Previous Post

Supplier Risk Management for Government Organizations in Australia

Next Post

PODCAST: Designing an end-to-end ecosystem approach to procurement – Part four

Next Post

PODCAST: Designing an end-to-end ecosystem approach to procurement – Part four

Recommended

Forced labor compliance series: regulations and procurement’s role

December 21, 2022

Increasing your supplier diversity is easier than you think

January 18, 2023

Don't miss it

Procurement

$7 billion passenger train procurement signed and sealed by QLD Government

February 7, 2023
Supply Chain

Vendor Analysis — Supplier Ratings and Reviews solution

February 7, 2023
Procurement

Assessing the Effectiveness of Procurement Training Programs

February 7, 2023
Procurement

The Big Interview With Ed Cross : Interim Insight

February 7, 2023
Procurement

Two out of three companies failing to address modern slavery risks – calls to revamp laws

February 6, 2023
Supply Chain

Vendor Analysis — Contractor and Project Management solution

February 6, 2023

© 2022 Purchasing News Hubb All rights reserved.

Use of these names, logos, and brands does not imply endorsement unless specified. By using this site, you agree to the Privacy Policy and Terms & Conditions.

Navigate Site

  • Home
  • Procurement
  • Supply Chain
  • Contact us

Newsletter Sign Up

No Result
View All Result
  • Home
  • Procurement
  • Supply Chain
  • Contact us

© 2022 Purchasing News Hubb All rights reserved.

Our Spring Sale Has Started

You can see how this popup was set up in our step-by-step guide: https://wppopupmaker.com/guides/auto-opening-announcement-popups/