As many as 1 in 3 businesses have already experienced a cyberattack. The number of cyberattacks continues to rise: in 2022, there were 38% more cyber incidents than in 2021. And this is increasing exponentially; according to Cybersecurity Ventures, the costs of cyber incidents will rise to $8 trillion in 2023 and to $10.5 trillion in 2025. A cyberattack can cause enormous damage. With good preparation, the damage can be significantly limited, which is why practicing is so important. But are you aware that the danger of a cyberattack often comes through (digital) supply chain partners? Your supplier can be hit so hard that they cannot provide services for days, or even worse, the cybercriminal gains access to your company network through the supplier. What makes it all extra complex is that cyberattacks are often detected late. By then, the cybercriminal has had days, or sometimes even months, to steal customer data, disable backups, or steal R&D data. Additionally, you may be dealing with a supplier who doesn't immediately inform you of the incident in order to avoid damaging their reputation.
Why Your Supply Chain Is So Vulnerable:
- The increasingly complex supply chains of the ecosystems that many organizations work with make each part of the chain vulnerable and make protecting every element difficult. The chain is only as strong as its weakest link. It is therefore important to work together to ensure there is no weak link.
- There is limited visibility of your suppliers' security measures. There are often unclear responsibilities in the chain and a lack of detail about cybersecurity in SLAs and contracts.
- You can't always choose the supplier that exactly meets your security requirements. That's why working together on the resilience of the chain is so important. This ensures that the whole is indeed secure.
Examples of Incidents in the Supply Chain:
- One of Company X's main suppliers suffered a break-in on a stepping-stone (jump) server. This server provided access to X's network and was managed by the supplier. The attack was not proactively shared by the supplier; when X's SOC noticed the incident and contacted the supplier to verify, the supplier confirmed that there had been an intrusion on the server. The supplier already knew about it, but X had not yet been informed.
- In 2020, hackers broke into the systems of the American company SolarWinds and added malicious code (SUNBURST) to its software. This software, called "Orion," was used worldwide by companies for managing IT resources. At that time, SolarWinds had 33,000 customers using this system, according to SEC documents.