Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Supply Chain

Ransom Attacks & Supply Chains :The Soft Underbelly of Secure Enterprise Systems

Aug 9, 2021 By Veriato In Veriato
The Veriato podcast guest for this month is Michael Owens, the Business Information Security Officer at Equifax and an all around rockstar when it comes to cybersecurity. He joins Dr. Christine Izuakor to discuss how supply chains are like the "soft underbelly" to gain access to otherwise secure enterprise systems.
View Video

Are We Forever Doomed By Software Supply Chain Risks? Cyber Week Israel 2021, Liran Tal

Aug 1, 2021 By Snyk In Snyk
The adoption of open-source software continues to grow and creates significant security concerns for everything from software supply chain attacks in language ecosystem registries to cloud-native application security concerns. In this session, we will explore how developers are targeted as a vehicle for malware distribution, how immensely we depend on open-source maintainers to release timely security fixes, and how the race to the cloud creates new security concerns for developers to cope with, as computing resources turn into infrastructure as code.
View Video

How to Secure Your Supply Chain

Jul 28, 2021 By Razorthorn In Razorthorn
We've talked about supply chain security before but it's a trend that doesn't appear to be going away - indeed, the number of attacks on service providers only seems to be increasing. Outsourcing is always a strategic risk for any business, but knowing that these attacks are getting more prevalent, what do you need to be doing to make sure your supply chain in secure? We talk about what needs considering to ensure your data isn't compromised by third party security issues. (Start at 7 mins 33 secs to skip to the 'how to').
View Video
tripwire

How Network Segmentation Can Protect Supply Chains from Ransomware Attacks

Jul 27, 2021 By Tripwire Guest Authors In Tripwire

Organizations can take various steps to protect their operational technology (OT) environments against digital threats. But some stand out more than others. In particular, network segmentation is described as “the first answer to insufficient ICS (Industrial Control System) cybersecurity.” Experts advocate zoning ICS assets to coordinate informational technology (IT) and OT environments effectively. That doesn’t always happen, however.

Read Post
tripwire

Last (Executive) Orders Please: Supply Chains, Policy and Modernising Cybersecurity

Jul 20, 2021 By Tripwire Guest Authors In Tripwire

An EO is a written, signed, and published directive from the President that manages operations of the federal government, and although some EO’s require legislative approval, they effectively become law. It comes on the back of several high profile incidents involving Microsoft (Exchange), SolarWinds and the recent Colonial Pipeline incident. It is seen as a much-needed step to modernise and protect federal networks and improve information sharing between the private and US government.

Read Post
mend

How Packages' External Resources Threaten Your Supply Chain

Jul 15, 2021 By Maciej Mensfeld In Mend

Many developers already know that in some ecosystems, open source dependencies might run their custom code from packages when they are being installed. While this capability can be used for both good and evil, today we’ll focus on a legit use case that, when misused, can escalate and be used to compromise your organization’s supply chain. If you haven’t guessed yet, I’m talking about downloading and linking external dependencies during the install process.

Read Post

Protect Your Retail Supply Chain Against Cyber Attacks

Jul 15, 2021 By SecurityScorecard In SecurityScorecard
The consumer goods and retail industry stores customer data in various digital platforms across multiple third-party vendors. This environment is perfect for cybercriminals to look for weak points to gain access to valuable customer data. Oftentimes, cybersecurity teams are focused too much on securing their own organization from the outside. As hacker techniques become more widespread and sophisticated, organizations must be able to see not only their own security posture but also their third parties’ from the viewpoint of the hackers’. What do hackers see and where are the weak points?
View Video
secude

Protecting the Supply Chain in COVID-19

Jul 14, 2021 By Secude In SECUDE
Supply chain cybersecurity is important at all times, but arguably even more so during the COVID-19 crisis. If a hack compromises the speedy delivery of vaccines, medical equipment, or drugs used to treat people suffering from the virus, everyone involved could face devastating consequences. Here are some proactive steps people can take to keep their sensitive supply chain data safe.
Read Post
synopsys

Reduce open source software risks in your supply chain

Jul 12, 2021 By Hugues Martin In Synopsys

Knowing what’s in your open source software, whether you’re a consumer or producer, can help you manage security risks in your supply chain Modern open source software (OSS) is a movement that started in the eighties as a reaction to commercial software becoming more closed and protected. It allowed academics, researchers, and hobbyists to access source code that they could reuse, modify, and distribute openly.

Read Post
teramind

Why the Biggest Threat Facing Supply Chains is on the Inside

Jun 16, 2021 By Isaac Kohen In Teramind

Businesses need to act now to survey their supply chain, developing the capacity to anticipate and respond to supply chain risks, minimizing the impact and optimizing opportunity. In March, the world witnessed a curious scene. A container ship longer than the Empire State Building became lodged in Egypt’s Suez Canal, creating an incredible spectacle as heavy construction equipment and a fleet of tug boats tried to dislodge the vessel from the canal walls.

Read Post

Copyright © 2024 OpsMatters™. All rights reserved.