Supply chains are critical to the normal operation of nearly every business. Without them, we simply cannot function. But with malicious actors still targeting our supply chains, we need to do something to minimise the increasing risk. A recent report from BlueVoyant indicated that:
of large enterprise firms surveyed have experienced a breach resulting from a compromise of their supply chain.
of participants said they had no way of knowing whether they had been compromised.
Is it a battle we can win?
Without reservation, I would say YES! Governance is the key to mitigating this risk.
What can we do?
The National Cyber Security Centre (NCSC) has produced some excellent guidance for supply chain security, which is broken down into four key areas:
James is a Certified Information Systems Security Professional (CISSP), ISO27001 Information Security Lead Auditor and qualified PCI Quality Security Assessor (QSA) from a multi-industry background. He is experienced in delivering risk-based information assurance projects, including PCI-DSS assessments, vCISO engagements, GDPR gap analysis and ISO27001 implementations, including ISMS management.
To discuss how the above impacts your business, feel free to get in touch with our team. We provide our clients with pragmatic advice and support to help them achieve a robust and defensible position.