CISOs already have a lot on their plates; putting new vulnerabilities on their own network shouldn’t be in addition. But every day, business units, departments, and people bring in connected devices that run compromised firmware, like security cameras, VPNs, printers, and phones. These are the new threat vectors for intellectual property theft across multiple industries and their supply chains.
China is the best at leveraging the supply chain to steal IP, national security, and corporate data by the use of hard-coded backdoors. According to Bloomberg, China’s theft of technology is the biggest threat to corporate America and the US military. And the Russians are experts at infiltrating the supply chain of trusted code as witnessed by the recent SolarWinds breach, along with 20-years’ worth of cyber espionage and attacks.