hot topic | THIRD PARTY CYBER RISK
DO YOU KNOW YOUR WEAKEST LINK?
The Department of Homeland Security recently released an alert warning about active threats targeting managed service providers (MSPs). The number of organizations using MSPs has grown significantly over recent years, according to the alert, which warned that threat actors have been using various tactics and techniques for the purposes of cyber espionage and intellectual property theft since May, 2016.
Cyber adversaries are innovative, organized, and relentless in finding new ways to infiltrate, corrupt and weaponize whatever touches the internet – often bit by bit. An increasingly prevalent strategy is for attackers to divide targets into two groups; the intended targets and potential staging targets – third-party organizations like vendors, suppliers, and industry websites.
Your organization’s risk surface is likely much larger than you think. To accurately and holistically assess cyber risk, you need to consider the threats that lurk below the surface and figure out how a threat actor may try to target your organization through vulnerabilities in your entire ecosystem of vendors, partners, and third-party suppliers.