
Supply Chain

Software supply chain risks to keep an eye on in 2022

As a supply chain security vendor, the growth is far from surprising for us at Bytesafe - with the supply chain being a noticeable security blind spot for many organizations. A massive 62% of organizations claim to have been impacted by supply chain attacks in 2021 alone. Incidents like log4j, ua-parser-js and colors.js/faker.js have once again shown that it’s vital to use services like the Bytesafe Dependency Firewall.

Breaking the Chain: Are You the Unintended Victim of a Supply Chain Attack?

We’ve heard a lot about “supply chains” of various industries over the past couple of years, and the cybersecurity sector is no exception. When Colonial Pipeline was compromised by ransomware, it affected the physical supply of gasoline to consumers. On the software side, malware distributed through a SolarWinds update and vulnerabilities discovered in Apache’s Log4J created rippling effects for organizations around the world.

Securing the digital supply chain Ep 7 Yaser M

Yaser is a veteran in the construction industry, and in this session we learn about what technologies are used in the construction technology sector, what some of the gotchas are that industry leaders should pay attention to, and the various types of organizations that are there on the landscape.

Ep 6 Securing the digital supply chain featuring Prasad Ramakrishnan and Drew Daniels

In this episode of Securing the digital supply chain we talk with two extremely accomplished security thought leaders from the Bay Area - Prasad Ramakrishnan, who is currently the CIO of Freshworks, and Drew Daniels, who is a seasoned security savant and currently a senior member of SVCI. Both our guests have storied pasts in many well-known companies, from startups to IPOs. We discuss SDLC, how to create successful security programs, the ins and outs of software supply chain management and some easter egg nuggets for vendors on how to approach CIOs and CISOs!

Ep 5 Securing the digital supply chain - Sai Kalur

In this episode of Securing the digital supply chain we talk to one of the luminary stars in IT and security from the Bay Area - Sai Kalur. Sai talks about SDLC, software development processes, best practices, and the considerations that drive pharma and health-tech companies. A great discussion for CISOs, CIOs, and security thought leaders.

How to Protect the Software Supply Chain from Vulnerable Third-Party Code

What happens when the software, scripts and code snippets that your business uses on your website and network have been compromised at the source? The compromise could be unintentional—perhaps the coders simply made a mistake. Or the compromise could be intentional—maybe hackers wrote a malicious script and promoted it as legitimate on a third-party library source to encourage users to download and install.

Ep 4. Securing the Digital Supply Chain - Ken Carter, Jacob Elziq

We talk about supply chain risk, GDPR, data audits, and how companies can make sure their processes for transferring data to 3rd parties remain on track. Jacob highlights the interplay between DevOps and security. A very interesting discussion indeed. For full disclosure - Armature Systems is a partner of Riscosity, and helps clients with purchasing, deploying, and operationalizing Riscosity's platform.

Mitigating Third-Party Vendor Risk in Your Supply Chain

A recent survey by the analyst firm Gartner showed that 89% of companies experienced a supplier risk event in the last five years; however, those companies' overall awareness and plans to mitigate lacked maturity. As a result, it is no longer enough to secure your own company's infrastructure. You must also evaluate the risk posed by third-party vendors and plan to monitor those organizations for breaches.

6 Tips for Supply Chain Risk Management in 2022

Forrester recently predicted that in 2022, 60% of security incidents would involve third parties. Yikes! With such a large percentage of incidents taking place outside the confines of their organizations, corporate leaders need to know what to do to protect their business. So, here is a list of items to address to succeed at supply chain risk (SCR) management.

Early Bird Catches the Wormhole: Observations from the StellarParticle Campaign

Supply chain compromises are an increasing threat that impacts a range of sectors, with threat actors leveraging access to support several motivations including financial gain (such as with the Kaseya ransomware attack) and espionage. Throughout 2020, an operation attributed to the Foreign Intelligence Service of the Russian Federation (SVR) by the U.S.