SolarWinds was not the first supply chain cyber attack and it won’t be the last. Everyday companies find themselves compromised through their vendors, who unknowingly deliver attacks — especially ransomware in the past year — to the customer company. Once a compromised company is delivering a sophisticated attack through a software upgrade it’s already too late to do anything but contain the damage. The first line of defence needs to be upstream — at the point where the supply chain company is first compromise

In an earlier post I talked about the principles of supply chain compromise. But C-Suite executives…

Robert Hannigan

Cyber Security Specialist. Chairman of BlueVoyant International. Former GCHQ Director & Founder of UK National Cyber Security Centre. Views are his own.

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store