When companies buy digital products, they expect them to be secure. In most cases, they don’t test for vulnerabilities down the digital supply chain — and don’t even have adequate processes or tools to do so. Hackers have taken note, and incidents of supply chain cyber-attacks, which exploit weaknesses within the digital supply chain to break into organizations’ internal networks, are on the rise. As a result, there have been many headline incidents that not only bring shame to the companies involved, but rachet up the visibility of these threats to top executives who want to know their offerings are secure.
Leaders need new ways to reduce supply chain cybersecurity risks, whether they’re buying digital products and or producing them.
Supply chain vulnerabilities have led to some of the most dramatic cyber attacks in recent years. During the NotPetya cyberattack in 2017, power plants, banks, metro systems, and the world’s largest container shipping company were just some of the victims of malware delivered through the updating process of an accounting software package commonly used by companies in Ukraine. The malware then spread to other systems…
