The Evolution of Supplier Risk Management
Recent supply chain attacks, from SolarWinds to 3CX and MOVEit, illustrate the impact that can occur when a single widely used software platform is compromised, enabling attackers to use this initial access as an entry point into any number of subsequent networks. Often the intention is to propagate malware or leverage sensitive data to extort victim organisations. In the case of the 2023 MOVEit breach, approximately ~2,356 organisations and 70 million people were impacted with effects reportedly felt months after the original 0-day discovery.