Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Supply Chain

ciso global

The Global Effort to Maintain Supply Chain Security | Part Two

Nov 7, 2024 By Various Cybersecurity Experts In CISO Global
A well-run kitchen requires a fully stocked pantry and a clear understanding of what’s on hand. In cybersecurity, your pantry is your asset inventory—every server, every piece of software, and even those firmware components lurking in the background. You wouldn’t want to cook without knowing exactly what ingredients are available, and you don’t want to secure your supply chain without knowing what’s in your digital inventory.
Read Post
upguard

What is Cyber Supply Chain Risk Management?

Oct 31, 2024 By Edward Kost In UpGuard
Cyber supply chain risk management (C-SCRM) is the process of identifying, assessing, and mitigating cybersecurity risks associated with an organization’s supply chain. Supply chains comprise multiple attack vectors, ranging from procurement tools to suppliers, developers, and third-party services. The complexity of this attack surface warrants a risk management strategy focused on supply chain risks as an extension to an existing third-party risk management program.
Read Post
Featured Post
cycognito

What Security Teams Need to Know About the EU's NIS 2 Directive

Oct 24, 2024 By Graham Rance, VP Global Pre-Sales In CyCognito
The deadline to get compliant with the EU's NIS 2 Directive is here. And this isn't just a minor update from its NIS 1 predecessor-it's a major expansion that carries with it new challenges and obligations. The directive now covers a whopping 300,000 organizations, up from just 20,000 under NIS 1. Sectors like aerospace, public administration, digital services, postal and courier services, and food production are now included. Organizations are classified into "essential" or "important" entities based on size and criticality to the economy.
Read Post

How to Easily Generate An Accurate SBOM with Black Duck SCA | Black Duck

Oct 17, 2024 By Synopsys In Synopsys
Did you know that open source code constitutes up to 95% of the code in your applications? This creates a web of dependencies that can pose security, quality, and compliance risks. Watch the video to streamline your SBOM generation process and take control of your software supply chain. Black Duck provides a solution by helping you generate an accurate software bill of materials (SBOM) in minutes, giving you visibility into your software supply chain.
View Video
Featured Post
bluevoyant

The Role of Cyber Security in Building Supply Chain Resilience and Efficiency

Oct 16, 2024 By Lorri Janssen-Anessi, Director of External Cyber Assessments In BlueVoyant
The COVID-19 pandemic exposed significant vulnerabilities in global supply chains. With technology companies scrambling to respond to unprecedented disruptions, it became clear that traditional supply chain models were no longer sufficient. When we look back on the supply chain crisis before and during the pandemic, it is easy to identify the areas of improvement because we now have so much more information and the benefit of hindsight, but during the crisis, it was extremely challenging to find immediate ad-hoc solutions, which clearly illuminated a lack of contingency planning.
Read Post
secude

Securing CAD files along the supply chain with HaloCAD

Oct 15, 2024 By Secude In SECUDE
Nowadays, the digital supply chain is both essential and vulnerable. According to Pinsent Masons annual cyber report, supply chain breaches were the most common form of cyber incident in 2023 occuring in one third of cases (up from 5% in 2022). Meanwhile, Gartner predicts that almost half (45%) of global organizations will suffer a digital supply chain attack by 2025. Nowadays, the digital supply chain is both essential and vulnerable.
Read Post
SecurityScorecard

What is Supply Chain Detection and Response?

Oct 7, 2024 By SecurityScorecard In SecurityScorecard
Supply chain detection and response (SCDR) is a solution for supply chain incident responders that drives critical issue identification, vendor responsiveness, and time to incident resolution. SCDR solutions provide risk intelligence, AI-driven workflows, and collaboration capabilities to improve the security posture of your organization and your suppliers.
Read Post
Snyk

The mysterious supply chain concern of string-width-cjs npm package

Oct 3, 2024 By Liran Tal In Snyk
This story starts when Sébastien Lorber, maintainer of Docusaurus, the React-based open-source documentation project, notices a Pull Request change to the package manifest. Here’s the change proposed to the popular cliui npm package: Specifically, drawing our attention to the npm dependencies change that use an unfamiliar syntax: Most developers would expect to see a semver version range in the value of a package or perhaps a Git or file-based URL.
Read Post
ciso global

A Treacherous Dinner Party: The Global Effort to Maintain Supply Chain Security

Sep 26, 2024 By Various Security Experts at CISO Global In CISO Global
…In the world of supply chain security, vigilance is your best friend. Stay informed, stay alert, and always prioritize security in your decisions. After all, in this interconnected digital world, we’re all in this together.
Read Post

Copyright © 2024 OpsMatters™. All rights reserved.