Cyber Threat Intelligence (CTI) for Supply Chain Monitoring


            When companies outsource work to a third party, they do not outsource the security risks to the
            supplier. Instead, they inherit the security risks of the companies in their supply chain. CTI allows
            companies to identify these risks before these risks victimize them.

            By Shawn Loveland, COO, Resecurity



            Executive summary

            Many  companies  face  various  risks  across  their  supply  chain,  which  are  increasing,  especially  cyber
            threats. Studies indicate that nearly all companies have at least one supplier that has recently, currently,
            or will soon be breached, and many more will be compromised in the next year. Further research shows
            that  in nearly  every  company  that  suffers  a breach,  precursor  signals  of  the breach  could  have  been
            found on the dark web if the company was looking for them. Resecurity's research reveals that over 60%
            of all company breaches originate from a company within their supply chain, which increases to over 90%
            if technology  providers  are  included.  Although  some  companies  assess  the  risk  of potential  suppliers
            during  the  evaluation  phase,  very  few  have  the  resources  or  mandate  to  monitor  all  their  suppliers
            continuously.  An  organized  CTI  effort  can  provide  companies  with  an  economical  and  easy  way  to




            Cyber Defense eMagazine – August 2024 Edition                                                                                                                                                                                                          175
            Copyright © 2024, Cyber Defense Magazine. All rights reserved worldwide.