Articles Tagged with ''supply chain''

5 minutes with Jonathan Ehret – The need for third-party risk management in cybersecurity

March 22, 2021

The SolarWinds hack is a strong reminder why third-party risk management is so important. Not only was SolarWinds breached, but the hack is now believed to have affected upward of 250 federal agencies and businesses. Here, we speak to Jonathan Ehret, Vice President of Strategy & Risk at RiskRecon, who believes organizations should be asking their vendors about the third-party risk management and cybersecurity policies they have in place to protect against a breach and leak of critical data.

5 minutes with Seth Rachlin - SolarWinds, cyberattacks and cyber insurance

Maria Henriquez

March 19, 2021

The SolarWinds supply chain attack has, to date, impacted nine government agencies and as many as 100 private sector companies, according to some reports. By the time the full extent of the hack is known, it may be the most widespread security breach on record. But what does this mean for the organizations impacted and is it potentially insurable? In light of the massive cyberattack, we spoke to Seth Rachlin, Executive Vice President and Insurance Lead at Capgemini, to discuss the implications of this attack and the fast-growing cyber insurance market.

Molson Coors beer production disrupted after cyberattack

Maria Henriquez

March 12, 2021

Molson Coors Beverage Company, a multinational drink and brewing company headquartered in Chicago in the United States, has suffered a cyberattack that has halted its beer-making production.

Designing an integrated cybersecurity approach to cloud migration strategies

March 5, 2021

In a paper released recently, “An integrated cyber approach to your cloud migration strategy,” Deloitte explores how an integrated cloud-cyber strategy enables organizations to use cyber as a differentiator, and outlines how cybersecurity teams must adapt.

CISA releases COVID-19 vaccine physical security guidance

March 2, 2021

CISA created the COVID-19 Vaccine Distribution Physical Security Measures guidance. This guidance provides a non-comprehensive list of physical security resources available to the public to help facility owners and operators enhance their physical security to protect workers and individuals.

CISA announces extension of the Information and Communications Technology (ICT) Supply Chain Risk Management Task Force

Extension will allow the Task Force to continue its work as outlined in its recently released Year 2 Report and position itself to support the supply chain risk management imperative in 2021

February 9, 2021

The Cybersecurity and Infrastructure Security Agency (CISA) announced a six-month extension of the Information and Communications Technology (ICT) Supply Chain Risk Management Task Force. The Task Force, chaired by CISA and the Information Technology (IT) and Communications Sector Coordinating Councils, is a public-private partnership composed of a diverse range of representatives from large and small private sector organizations charged with identifying challenges and devising workable solutions and recommendations for managing risks to the global ICT supply chain.

First-ever Girls Scouts Supply Chain Patch for future female executives

Future female executives earn first-ever Girl Scouts' supply-chain patch

December 18, 2020

Girl Scouts of Tropical Florida (GSTF), Ryder System Inc. and the University of Tennessee's Global Supply Chain Institute partnered to create supply-chain curriculum for K-12.

CISA releases ICT supply chain risk management task force year 2 report

December 18, 2020

The Cybersecurity and Infrastructure Security Agency (CISA) and government and industry members of the Information and Communications Technology (ICT) Supply Chain Risk Management (SCRM) Task Force released an annual report on its progress to advance meaningful partnerships and analysis around supply chain security and resilience.

Lazarus misuses legitimate security software in a supply-chain attack in South Korea

November 17, 2020

ESET researchers recently discovered attempts to deploy Lazarus malware via a supply-chain attack (on less secure parts of the supply network) in South Korea. In order to deliver its malware, the attackers used an unusual supply-chain mechanism, abusing legitimate South Korean security software and digital certificates stolen from two different companies. The attack was made easier for Lazarus since South Korean internet users are often asked to install additional security software when visiting government or internet banking websites.

The Daily Challenges of Supply Chain Security

CISA releases analysis report on COVID-19 impact to ICT global supply chains

November 9, 2020

The Cybersecurity and Infrastructure Security Agency (CISA) and government and industry members of the Information and Communications Technology (ICT) Supply Chain Risk Management (SCRM) Task Force released an analysis report on the impact of COVID-19 on global supply chains. Building A More Resilient ICT Supply Chain: Lessons Learned During The COVID-19 Pandemic examines how ICT supply chains have been logistically impacted by the pandemic and provides practical recommendations to increase supply chain resiliency from future risks.

OSHA fines grab headlines, but most compliance issues start with everyday operational gaps: missed protocols, unsecured areas, or slow response. Learn how emerging technologies & AI can be leveraged towards a more proactive model of compliance.

Security teams have never had more visibility. We’ll explore how a new decision layer is helping security teams move from detection to decision. Turn alerts into decision-ready context, reducing reliance on manual triage and enabling faster action.