Supply chains, many stretching around the globe and some made up of tens of thousands of links, are critical to modern business. Strong supply chains allow for the economical development of products ranging from stuffed toys to enterprise applications. Unfortunately, the same supply chains that make business possible can also make it a far riskier proposition.
Third-party risk, of which supply chain risk is one component, is increasingly understood as critical in gaining a complete picture of the threats an organization faces. But how can an organization decide when to take a harder look at the supply chain? What are the signs or events that indicate special concern should govern supply chain relationships?
Before we look for those answers, we have to acknowledge that "supply chain" is a phrase with more than one definition. It can refer to the components and services that are brought together to create an organization's products. If can also refer to the software components, apps, and cloud services that developers use as part of enterprise applications (or applications licensed to customers). And it can refer to critical services like electrical power, water, and other energy sources required for both basic administration and manufacturing processes. The companies providing any of these can be both critical partner and tremendous threat through inadvertent criminal cyber activity.
Dark Reading talked to a number of cybersecurity professionals looking for best practices governing these third-party relationships. Out of those conversations came a half-dozen signs and indicators that your supply chain risk factors have shot up -- and your attention is needed.
(Image: Natalya Lys VIA Adobe Stock)