Supply Chain Attack

Attack that involves targeting a weaker link in the supply chain to gain access to a primary target

Vendor Types

Vendors

Businesses or individuals that provides services to an organization

Suppliers

Individuals involved in the production and delivery of parts or products

Managed Service Providers

Individuals hired by companies to manage IT services on behalf of organization

Vendor Assessment

Process that organizations implement to evaluate the security, reliability and performance of external entities

Penetration Testing: Simulated cyberattack against the supplier’s system
Internal Audits: Vendor’s self-assessment of their security
Independent Assessment: Evaluation conducted by third-party entities
Supply Chain Analysis: Deep dive into a vendors entire supply chain to assess security