Each partner in the software supply chain must understand their role in maintaining the security of the process. Transitioning from a blame game to a proactive stance allows organizations to implement a well-defined, adaptable, and optimized strategy that helps mitigate risks and protect the supply chain.
President Biden’s Executive Order includes a provision that would require software vendors selling to the federal government to maintain a Software Bill of Materials (SBOM). Unfortunately, it’s not that simple.
Hackers are exploiting a 12-year-old router vulnerability in the Arcadyan firmware, potentially affecting millions of devices on home and corporate networks and exposing serious supply chain risks.
While the Executive Order primarily focuses on concrete steps the federal government must take to adopt cybersecurity best practices, there are several provisions that will also significantly impact government contractors, subcontractors and other private sector entities.
As malicious actors increasingly zero in on supply chain attacks, both third-party solutions providers and end users must make a more concentrated effort to shift to a ‘validation before implementation’ model.
Corporate boards are increasingly concentrating on cybersecurity issues. Here’s how to ensure they focus on third-party risk, too.
While the third-party breach involved no unauthorized access to user accounts, Dave’s users can expect phishing and identity fraud scams based on the information that was breached.
Supply chain security is becoming an increasing concern during the COVID-19 outbreak as new opportunities are provided to cyber criminals seeking to exploit vulnerabilities.
With tens of thousands of contractors serving the Defense Department, the new vendor cyber security certificate aims to improve supply chain security by assessing contractors before allowing them to bid.
Supply chain security is a hot issue for enterprises as third-party data breaches increase. A recent (ISC)² study indicates these breaches are more likely the fault of a large enterprise partner than a small one.