<img src="https://ws.zoominfo.com/pixel/4CagHYMZMRWAjWFEK36G" width="1" height="1" style="display: none;">
Request Demo

Vendor Risk Management

Carbon Black Report Indicates Industries Most Targeted For Cyber Attack


In their third Global Incident Response Threat Report our Massachusetts neighbor, Carbon Black, illustrates not only the top industries for cyber attack but a deeply concerning new trends that faces business regardless of industry.

The Growing Concern Of “Island Hopping”

Before we get to the industries, we need to look at this new trend that is growing within enterprise cybercrime. The idea of island hopping is defined by the practice of a cybercriminal gaining access to an organization’s network and essentially following that connection down the entire supply chain.

It is in cases like this, that the immediacy of something like the DFARS mandate and NIST SP 800-171 become apparent. In multiple instances, we’ve seen growing concern about the vulnerabilities of the supply chain and how critical vendor risk management is in the face of an expanding enterprise ecosystem. It is with this context that Carbon Black’s findings on the industries most at risk for this form of attack become clear

Top Industries For Island Hoppers

Carbon Black reports that financial and healthcare take the top spots for island hopping. The change, though, is the third space - manufacturing companies are up 41% from last quarter (not last year, last quarter). These industries take the top spots with good reason - companies in these industries are becoming archipelagoes of a supply chain. While there is typically a nexus of connections, it is the peripheral members of the supply chain that can be infected. Again, the most apparent scenario being the Department of Defense supply chain and the impending updates to NIST 800-171.

The value of a manufacturer's supply chain, specifically, may not be what you think. Carbon Black cites global trade and nation-state actors as the main perpetrators seeking the intellectual property stored within these networks as a means to compete on the global stage.

Securing the bridges between islands

In this case, burning the bridge is a good thing - enterprises especially need to ensure that they are monitoring the flow of information along their supply chain. 44% of participants in Carbon Black’s study cited a lack of visibility as the primary barrier to incident response.

Visibility, in this case, requires standardization. For many organizations, assessing their supply chain is a grueling process that at best is wielding a overloaded GRC system and at worst is managing a series of spreadsheets that grows exponentially by the number of vendors and number of versions. In order to consistently assess your supply chain, you need a tool that streamlines and automates the process rather than bogging down all the parties involved. We took a look at the critical capabilities to look for when buying a vendor risk management solution - see our download and infographic here.

You may also like

NIST vs. ISO –What You Need To Know
on June 24, 2022

Organizations are increasingly on the lookout for ways to strengthen their cybersecurity capabilities. Many have found solace in compliance frameworks that help guide and improve ...

Top 5 Recommendations For Your ...
on June 22, 2022

Discover, design, validate, promote, and sustain best practice cyber protection solutions to safeguard your people and processes. As the cyber attack surface expands, the Center ...

June Product Update
on June 21, 2022

It’s a celebration! 🎵♪🎵♪ ♩Automate your scores, come on (Let’s automate) Automate your scores, come on (Let’s automate) There’s a party goin’ on right here An automation to last ...

Why You Need CIS Controls for ...
on June 17, 2022

The Center for Internet Security (CIS) is a non-profit organization that helps public sectors and private sectors improve their cybersecurity. The organization aims to help small, ...

Small Business Cybersecurity ...
on June 15, 2022

To achieve peace of mind in the modern threat landscape, small business owners must have a solid security strategy and budget in place. VIPRE’s SMB Security Trends report state ...

Do Small Businesses and Startups ...
on June 10, 2022

Did you know that about 60% of small businesses shut down within 6 months by falling victim to a data breach or cyber-attack, where the average global breach cost hovers at $3.62 ...