Supply Chain Security: Managing a Complex Risk Profile

Experts sound off on how companies can work with their third-party suppliers and partners to secure the end-to-end supply chain.

NYC — From Delta Airlines to Best Buy, a number of big-name companies were involved this year in data breaches – but even though their names made headlines, the actual security incidents occurred due to flaws in third-party partners.

Across the board, companies are scratching their heads trying to determine the best methods to manage their supply chain – including hardware, software and beyond – in order to maintain end-to-end security. But it’s not an easy task.

Ultimately, “There needs to be a shift in conversation,” Emily Heath, chief information security officer at United Airlines, said at the WSJ Cyber Executive Forum on Tuesday. “We’re responsible for patching our own computers but we also work with hardware and software suppliers… and we’re the ones in the headlines even when the vulnerabilities come from the third parties. I spend a ton of time worrying about their products.”

Read more…
Source: ThreatPost