Supply Chain Attack
Attack that involves targeting a weaker link in the supply chain to gain access to a primary target
Vendor Types
Vendors
Businesses or individuals that provides services to an organization
Suppliers
Individuals involved in the production and delivery of parts or products
Managed Service Providers
Individuals hired by companies to manage IT services on behalf of organization
Vendor Assessment
Process that organizations implement to evaluate the security, reliability and performance of external entities
Penetration Testing: Simulated cyberattack against the supplier’s system
Internal Audits: Vendor’s self-assessment of their security
Independent Assessment: Evaluation conducted by third-party entities
Supply Chain Analysis: Deep dive into a vendors entire supply chain to assess security