The SolarWinds and Exchange supply-chain attacks have highlighted how vulnerable 3rd party and vendor security are dangerous for every organization.
The industry must fundamentally change to manage the growing risks and it will take time.
There are some steps we make to greatly improve the situation in the short-term.
There are steps we can make to greatly improve the situation in the short term to mitigate these types of menacing attacks.
In today's video, I cover the Top 10 things we can do now to greatly mitigate supply-chain attacks.
For every organization out there, vendors, suppliers and customers, I suggest applying what you can.
Let me know in the comments section if you agree/disagree or if I missed anything!
Matthew Rosenquist is an industry-recognized pragmatic, passionate, and innovative strategic security expert with 28 years of experience. He thrives in challenging cybersecurity environments and in the face of ever shifting threats. A leader in identifying opportunities, driving industry change, and building mature security organizations, Matthew delivers capabilities for sustainable security postures. He has experience in protecting billions of dollars of corporate assets, consulting across industry verticals, understanding current and emerging risks, communicating opportunities, forging internal cooperation and executive buy-in, and developing practical strategies. Matthew is a trusted advisor, security expert, and evangelist for academia, businesses, and governments around the world. A public advocate for best-practices, and communicating the risks and opportunities emerging in cybersecurity. He delivers engaging keynotes, speeches, interviews, and consulting sessions at conferences and to audiences around the globe. He has attracted a large social following of security peers, is an active member on advisory boards, and quoted in news, magazines, and books. Matthew is a recognized industry expert, speaker, and leader who enjoys the pursuit of achieving optimal cybersecurity. Matthew Rosenquist is experienced in building world class teams and capabilities, managing security operations, evangelizing best-practices to the market, developing security products, and improving corporate security services.