Recent supply chain attacks such as Kaseya, Accellion and SolarWinds have illustrated that when it comes to vendor breaches, it’s not if, but when. While it’s impossible to predict cyberattacks, there are key steps that you can take with your vendors to determine if you might be at risk.
Here are 4 key strategies:
1. Monitor Security Posture
It’s important to assess and continuously monitor your vendors’ security posture in order to unveil assets and any possible cyber gaps. A thorough attack surface analysis should examine at least three layers:
- IT and network: Parameters involving DNS servers, SSL-related protocols and more
- Applications: Parameters involving Web applications, domain hijacking and more
- Human: Parameters involving social posture, presence of dedicated security team and more
In particular, you should be sure to pay attention to critical and high severity findings. With a comprehensive assessment and continuous monitoring of your vendors, you can pinpoint security gaps early on and remediate them before they can be exploited by malicious actors.
2. Review Cyber News
If a breach does take place that might involve your vendor, you want to be aware of it as early as possible so that you can take steps to mitigate it. For this reason, it’s important to regularly review cyber news to keep abreast of any cyber incidents and how they might affect you and your third parties. Staying informed will allow you to take important steps such as limiting third-party access to your systems and being alert to suspicious activity.
3. Check Dark Web Chatter
It’s a good idea to check trend changes mentioning your third parties on hacker forums and other nefarious marketplaces. By doing so, you can monitor potentially malicious hacker chatter about opportunities to target your third party, sell databases of personal information or take advantage of system weaknesses for financial benefit. By regularly checking the dark web, you can become proactive about knowing in advance of in-the-wild threats to your supply chain. In addition, you can collaborate with your third party about how to prevent them.
4. Watch for Warning Signs
Certain vendor security issues can indicate that there might be a problem with your vendor. They might include, for example, outdated technologies, untrusted certificates, mail server misconfigurations, lack of security controls and botnet traffic emanating from compromised machines. All of these are signs that something might be amiss with your vendor and that you should investigate the matter more thoroughly.
How Panorays Helps
Panorays assesses and continuously monitors the security posture of all of your vendors and alerts you of any cyber issues so that you can respond to them quickly. Its comprehensive evaluation includes an attack surface assessment combined with automated security questionnaires while also considering business context. Panorays’ analysis also includes investigating the dark web for anomalies that could indicate malicious behavior. Moreover, Panorays gives you access to cyber news directly from the platform, so that you can stay informed about third-party breaches and how they might affect you and your vendors. With these tools, you can be alerted to any suspicious activity that might indicate that your vendor is at risk of being breached.
Want to learn more about how Panorays helps you assess and monitor your vendors? Schedule a demo today.