The Silent Threat: Third Party Cyber Risk
The December 2019 SolarWinds compromise, which was discovered not by the company itself, but by FireEye as they conducted an internal investigation on a breach in their systems, has proven to be a wake-up call, not just to cybersecurity companies but to business and government executives around the world. The wide-ranging impact of this attack — from companies from Microsoft to organizations like the U.S. Department of Homeland Security and Treasury — has demonstrated that “check-list security” for supply chain and vendor risk management will no longer be sufficient. Now more than ever before, knowing one’s vulnerable supply chain network dependencies must be a critical component of any cybersecurity program.
In this white paper, we will discuss what supply chain and third-party risk is and why it can be so difficult to understand, manage and mitigate. Next, we will share why layering threat intelligence onto your ecosystem’s external network footprint is critical.
Organizations can stay a step ahead of an exploit by leveraging solutions that combine continuous, external infrastructure monitoring with contextual threat intelligence to enable them to identify and mitigate risks and vulnerabilities of any asset connected to the internet — whether it is theirs or their supplier’s.