Zac Warren, Senior Director of Cybersecurity Advisory at Tanium, EMEA, explains how supply chains can be secured against the growing pitfalls and what factors need to be considered.
Security experts are fully alert. Supply chains were formerly an economic source of profit for cybercriminals last year and this trend is still continuing in 2022. All it takes is one vulnerability, one successful hack and one compromised victim along the chain to reach the most lucrative target and access an even higher volume of corporate networks.
In the UAE, businesses have been addressing the acute pressures of the pandemic and their supply chain networks by turbo-charging digital operations and technology investments on the front end.
So how can supply chains be secured against the growing pitfalls? And what factors need to be considered?
The challenges of supply chain security
Managing supply chains end-to-end is like a mammoth task. Unfortunately, many companies still rely on manual spreadsheets to protect against cyber risks. However, the lack of visibility into their own IT assets and dependency on partners and suppliers poses a real threat to organizations.
Therefore, the first step is to answer a few questions: Who are the suppliers? What is their security like? And how are they using their data? Third-party vendors need to provide a comprehensive and accurate inventory of their IT assets to understand the status of endpoints and installed software versions and apply patches promptly to mitigate risks.
Since software security vulnerabilities in supply chain management can have drastic consequences, it is essential to perform rigorous due diligence before onboarding and reassess the relationship regularly.
However, many companies check off the topic of supply chain security as a one-time to-do. In addition, security teams are often called in too late in the onboarding process to be able to eliminate emerging risks.
Therefore, organizations need maximum visibility to analyze access rights and associated vulnerabilities. Furthermore, IT security teams need to verify that the hardware used does not contain any fraudulent components or malware and is not counterfeited.
Increasing demands on supply chains
So what differentiates attacks on supply chains from other targeted cyberattacks is the fact that there is a need for risk management to be applied across corporate boundaries. In doing so, supply chain cybersecurity requirements cannot be allowed to fall by the wayside.
The identification, assessment and mitigation of cyber risks in the supply chain is a critical factor in achieving an adequate level of IT security. Due to the increasing outsourcing of attacks to supply chains, IT security measures that focus exclusively on the company’s own operations are no longer sufficient.
Thus, it is clear that legal requirements for cybersecurity in the supply chain are becoming increasingly important. However, since legal regulations and technical measures cannot sufficiently map the required level of security, companies must rely on contractual regulations to contain risks as far as possible. At the end of the day, the companies that have the best security practices in place will operate most successfully.
Supply Chain Best Practices
Cyber risks span procurement, supplier management, supply chain continuity and quality, and transportation security. Therefore, it is important to know if the vendor’s software and hardware development process is documented and mitigation of known vulnerabilities has been considered in the product design.
To mitigate risks, companies should make sure all security requirements are written into all RFPs and contracts. Also, if a vendor is integrated into the supply chain, it is up to the security team to work closely together to eliminate potential vulnerabilities and security gaps.
Besides, the purchase of components must be strictly controlled. Source code must be obtained for purchased software. Secure boot processes look for authentication codes so that the system will not boot if the codes are not recognized.
Automating the build and test processes reduces the risk of human intervention, too. The best form of proactive risk management is tools that provide continuous endpoint visibility and give managers the control they need to respond quickly when it matters most.
Furthermore, the actual state of the security and operational environment can be visualized so that appropriate actions can be taken based on the data collected. By continuously monitoring endpoints for anomalous activity, real-time alerting can be used to notify security teams immediately when anomalies occur, so that actions to protect the network can be taken immediately.
Supply chain attacks have proven to be extremely rewarding targets for cybercriminals since the past year, and security experts predict that the number of attacks in this area will continue to rise in 2022. Companies that rely on platforms and services at various levels of a supply chain need to review their current strategies and be aware that security does not stop at their own network boundary.