There is a crying need for companies to enlist their supply chain management departments in the fight against cyberattackers. According to our research, over 60% of reported attacks on publicly traded U.S. firms in 2017 were launched through the IT systems of suppliers or other third parties such as contractors, up from less than one-quarter of attacks in 2010. A number of the high-profile attacks on large companies — including Equifax, Netflix, Best Buy, and Target — occurred this way.
Purchasing Managers Have a Lead Role to Play in Cyber Defense
Over 60% of cyberattacks involve suppliers or third parties.
July 10, 2018
Summary.
There is a crying need for companies to enlist their purchasing departments in the fight against cyberattackers. According to our research, over 60% of reported cyberattacks on publicly traded U.S. firms in 2017 were launched through the IT systems of suppliers or other third parties such as contractors, up from less than one-quarter of attacks in 2010. A number of the high-profile attacks on large companies — including Equifax, Netflix, Best Buy, and Target — occurred this way. To mitigate this type of risk, firms should embed cybersecurity measures in contracts with third parties, limit suppliers’ access to IT systems, work with competitors, and hold supply managers accountable.