<img src="https://ws.zoominfo.com/pixel/4CagHYMZMRWAjWFEK36G" width="1" height="1" style="display: none;">
Request Demo

Vendor Risk Management

Carbon Black Report Indicates Industries Most Targeted For Cyber Attack

down-arrow

In their third Global Incident Response Threat Report our Massachusetts neighbor, Carbon Black, illustrates not only the top industries for cyber attack but a deeply concerning new trends that faces business regardless of industry.

The Growing Concern Of “Island Hopping”

Before we get to the industries, we need to look at this new trend that is growing within enterprise cybercrime. The idea of island hopping is defined by the practice of a cybercriminal gaining access to an organization’s network and essentially following that connection down the entire supply chain.

It is in cases like this, that the immediacy of something like the DFARS mandate and NIST SP 800-171 become apparent. In multiple instances, we’ve seen growing concern about the vulnerabilities of the supply chain and how critical vendor risk management is in the face of an expanding enterprise ecosystem. It is with this context that Carbon Black’s findings on the industries most at risk for this form of attack become clear

Top Industries For Island Hoppers

Carbon Black reports that financial and healthcare take the top spots for island hopping. The change, though, is the third space - manufacturing companies are up 41% from last quarter (not last year, last quarter). These industries take the top spots with good reason - companies in these industries are becoming archipelagoes of a supply chain. While there is typically a nexus of connections, it is the peripheral members of the supply chain that can be infected. Again, the most apparent scenario being the Department of Defense supply chain and the impending updates to NIST 800-171.

The value of a manufacturer's supply chain, specifically, may not be what you think. Carbon Black cites global trade and nation-state actors as the main perpetrators seeking the intellectual property stored within these networks as a means to compete on the global stage.

Securing the bridges between islands

In this case, burning the bridge is a good thing - enterprises especially need to ensure that they are monitoring the flow of information along their supply chain. 44% of participants in Carbon Black’s study cited a lack of visibility as the primary barrier to incident response.

Visibility, in this case, requires standardization. For many organizations, assessing their supply chain is a grueling process that at best is wielding a overloaded GRC system and at worst is managing a series of spreadsheets that grows exponentially by the number of vendors and number of versions. In order to consistently assess your supply chain, you need a tool that streamlines and automates the process rather than bogging down all the parties involved. We took a look at the critical capabilities to look for when buying a vendor risk management solution - see our download and infographic here.

You may also like

Conducting Your First Risk ...
on January 30, 2023

As digital adoption across industries increases, companies are facing increasing cybersecurity risks. Regardless of their size, cyber-attacks are a persistent threat that must be ...

Your Guide to Cloud Security ...
on January 26, 2023

Cloud computing refers to the delivery of multiple services via the internet (also known as the “cloud”), including software, databases, servers, storage, intelligence, and ...

Compliance and Regulations for ...
on January 9, 2023

Compliance for many cybersecurity programs has been the cornerstone and the catalyst for why many programs exist in the first place. Since the rise of the information technology ...

Cyber Risk Quantification: Metrics ...
on January 6, 2023

Risk management is the new foundation for an information security program. Risk management, coupled with necessary compliance activities to support ongoing business operations, ...

Padraic O'Reilly
Cybersecurity Maturity Models You ...
on January 27, 2023

Cybercrime has forced businesses worldwide into paying billions of dollars yearly. As more of the population becomes dependent on technology, the fear of cyber attacks continues ...

Top 10 Risks in Cyber Security
on December 23, 2022

Increasing cyber security threats continue creating problems for companies and organizations, obliging them to defend their systems against cyber threats. According to research ...