Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Supply Chain

ThreatQuotient

Anatomy of a Supply Chain Attack: How to Accelerate Incident Response and Threat Hunting

Aug 24, 2021 By Patrick Declusin In ThreatQuotient

In recent months, we’ve seen a sharp rise in software supply chain attacks that infect legitimate applications to distribute malware to users. SolarWinds, Codecov and Kesaya have all been victims of such attacks that went on to impact thousands of downstream businesses around the globe. Within minutes of these high-profile attacks making headline news, CEOs often ask: “Should we be concerned? How is it impacting us? What can we do to mitigate risk?” .

Read Post
upguard

What is the Digital Supply Chain?

Aug 13, 2021 By Kaushik Sen In UpGuard

The supply chain for any product has several moving parts. Each activity in the supply chain plays a role in the flow that begins with sourcing a product's raw materials and ends with delivering the finished goods to a customer. As with many other areas of modern business, digital technologies are redefining supply chains. With more technology comes increased cyber risks. This article explains digital supply chains along with their benefits and cybersecurity risks.

Read Post

Ransom Attacks & Supply Chains :The Soft Underbelly of Secure Enterprise Systems

Aug 9, 2021 By Veriato In Veriato
The Veriato podcast guest for this month is Michael Owens, the Business Information Security Officer at Equifax and an all around rockstar when it comes to cybersecurity. He joins Dr. Christine Izuakor to discuss how supply chains are like the "soft underbelly" to gain access to otherwise secure enterprise systems.
View Video

Are We Forever Doomed By Software Supply Chain Risks? Cyber Week Israel 2021, Liran Tal

Aug 1, 2021 By Snyk In Snyk
The adoption of open-source software continues to grow and creates significant security concerns for everything from software supply chain attacks in language ecosystem registries to cloud-native application security concerns. In this session, we will explore how developers are targeted as a vehicle for malware distribution, how immensely we depend on open-source maintainers to release timely security fixes, and how the race to the cloud creates new security concerns for developers to cope with, as computing resources turn into infrastructure as code.
View Video

How to Secure Your Supply Chain

Jul 28, 2021 By Razorthorn In Razorthorn
We've talked about supply chain security before but it's a trend that doesn't appear to be going away - indeed, the number of attacks on service providers only seems to be increasing. Outsourcing is always a strategic risk for any business, but knowing that these attacks are getting more prevalent, what do you need to be doing to make sure your supply chain in secure? We talk about what needs considering to ensure your data isn't compromised by third party security issues. (Start at 7 mins 33 secs to skip to the 'how to').
View Video
tripwire

How Network Segmentation Can Protect Supply Chains from Ransomware Attacks

Jul 27, 2021 By Tripwire Guest Authors In Tripwire

Organizations can take various steps to protect their operational technology (OT) environments against digital threats. But some stand out more than others. In particular, network segmentation is described as “the first answer to insufficient ICS (Industrial Control System) cybersecurity.” Experts advocate zoning ICS assets to coordinate informational technology (IT) and OT environments effectively. That doesn’t always happen, however.

Read Post
tripwire

Last (Executive) Orders Please: Supply Chains, Policy and Modernising Cybersecurity

Jul 20, 2021 By Tripwire Guest Authors In Tripwire

An EO is a written, signed, and published directive from the President that manages operations of the federal government, and although some EO’s require legislative approval, they effectively become law. It comes on the back of several high profile incidents involving Microsoft (Exchange), SolarWinds and the recent Colonial Pipeline incident. It is seen as a much-needed step to modernise and protect federal networks and improve information sharing between the private and US government.

Read Post
mend

How Packages' External Resources Threaten Your Supply Chain

Jul 15, 2021 By Maciej Mensfeld In Mend

Many developers already know that in some ecosystems, open source dependencies might run their custom code from packages when they are being installed. While this capability can be used for both good and evil, today we’ll focus on a legit use case that, when misused, can escalate and be used to compromise your organization’s supply chain. If you haven’t guessed yet, I’m talking about downloading and linking external dependencies during the install process.

Read Post

Protect Your Retail Supply Chain Against Cyber Attacks

Jul 15, 2021 By SecurityScorecard In SecurityScorecard
The consumer goods and retail industry stores customer data in various digital platforms across multiple third-party vendors. This environment is perfect for cybercriminals to look for weak points to gain access to valuable customer data. Oftentimes, cybersecurity teams are focused too much on securing their own organization from the outside. As hacker techniques become more widespread and sophisticated, organizations must be able to see not only their own security posture but also their third parties’ from the viewpoint of the hackers’. What do hackers see and where are the weak points?
View Video
Subscribe to Supply Chain

Copyright © 2024 OpsMatters™. All rights reserved.