End-to-end cyber defense platform BlueVoyant, a US-based company which officially opened its local office in Manila on October of 2019, reported a rising trend in supply chain breaches and enterprises left unaware of security issues with partner suppliers.
Alongside this observation, the growing demand on cyber threat identification and mitigation for third-party ecosystems is driving the ‘Third-Party Cyber Risk Management’ vertical which BlueVoyant considers a must-have for companies with extensive supply chains and several external partners.
As an expert in both internal and external cyber defense, BlueVoyant claims that it is the only company in the country currently providing an end-to-end vendor risk monitoring service that converges with other security capabilities under a single and unified platform.
“BlueVoyant is at the forefront of delivering unparalleled cyber defense capabilities that help protect businesses’ data, infrastructure, customers, and employees from cyberattacks. Redefining how businesses understand and address their cyber risk environments is a core focus for BlueVoyant, especially when it comes to third-party risks posed by their supply chain,” said Tal Blaustein, BlueVoyant International’s chief operating officer.
Back in 2020, a report by BlueVoyant stated outright that third-party vendor cyber risk was fast becoming a significant challenge for enterprises, and based on the current landscape and known attacks across multiple industries, there are already instances where a single vendor network has negatively affected tens of thousands of companies from a single breach.
BlueVoyant commissioned survey entitled “Global Insights – Managing Cyber Risk Across the Extended Vendor Ecosystem” also revealed that while 97% of companies have been negatively impacted by a supply chain breach, the number of decision makers who are prioritizing third-party cyber risk is growing at a steady pace.
At home, the financial sector remains to be the most targeted by cyberattacks and BlueVoyant has seen a number of threat actors dubbed as “callers” who disguise themselves as employees of banking institutions and reach out to victims with partially compromised accounts, gaining access to the missing details and taking over the account for malicious purposes.
“It has become glaringly clear that the vendor, partner, and supplier ecosystem is now the attack surface of threat actors. One of the most pressing concerns in this regard is that more companies are creating more risk by putting more of their data into third-party applications. This risk is perhaps distributed among a thousand other vendors, partners, and suppliers,” he added.
Blaustein explained that businesses will have to operationalize their data to improve visibility and maximized value, leading to better visibility into the supply chain risks with teams dedicated for either curating the findings, ensuring remediation implementations, and monitoring.
In building a proactive defensive posture of the supply chain, BlueVoyant analysts say that keeping close tabs on all vendors, partners and suppliers, as well as flagging them when they are not protected, will help businesses address critical vulnerabilities before they can do any harm.
Through a combination of advanced technology and data analytics, BlueVoyant aims to provide its services to help local companies expand their protection throughout their respective supply chains.
