Please fill in the form below to subscribe to our blog

Are You Protected if Your Supply Chain Gets Hacked?

April 13, 2017

In today’s world, it’s not uncommon for organization’s to have some type of system in place to protect themselves from a potential data breach. Many use secure password protocols, two factor authentication logins and even invest in cyber education for their employees to minimize the possibility of insider breaches.

Are those steps enough to eliminate the risk of a data breach? The answer to that question is a resounding no. There are numerous hidden entrances hackers can use, beginning with an organization’s supply chain.

No matter how secure your internal networks are, you can never ensure the same level of cyber security in your supply chain.

The Effects of a Data Breach

Cybercrime continues to grow, and a data breach can be devastating for any business, no matter the size. CSID estimates that the average cost of an infiltration is $6.53 million. For businesses whose customers rely on them to protect their sensitive information, such as law firms and banking facilities, a data breach can be a near fatal experience.

According to the SANS Institute, up to 80% of data breaches may originate in the supply chain.

In fact, this statistic applies to some of the most publicized data breaches, including those affecting Home Depot and Target.

Understanding The Risk

Consider this possibility: one of your suppliers sends you an email. They don’t realize it, but the email that they sent you contains malware that monitors the keystrokes on your keyboard. The hacker gets the login information to your network by monitoring your keystrokes.

Voila – they now have the keys to the castle. They can steal sensitive data and intellectual property with your login credentials.

How to Protect Yourself

So what can you do to minimize the chance of a data breach originating in your supply chain?

  1. Make network security protocols a factor that you consider when evaluating potential vendors. Make it part of your RFP process. You can’t afford to do business with vendors that endanger your proprietary data and intellectual property.
  1. Make sure your threat intelligence tool monitors your supply chain. Most threat intelligence platforms will monitor your stolen credentials on the Dark Web, but not those of your supply chain.
  1. Make sure your threat intelligence tool gives you timely notifications when stolen credentials from your organization and your supply chain appear on the Dark Web. Time is of the essence – you can take steps to secure your networks before stolen credentials are sold to cyber criminals. You can also alert your supply chain when their stolen credentials are showing up on the Dark Web.

Keep in mind that most cyber criminals will prey on the easy targets. If you harden your defenses and make sure your supply chain is protected, many cyber criminals will look for an easier target.

If you’d like to learn more about how to monitor your supply chain for potential data breaches, please contact an expert at ID Agent.