Supply Chain Security: 5 Important Steps

One of the largest known breaches, resulting in 110 million records lost and hundreds of millions of dollars in damages, started with a small, third-party supplier. We're talking about Target, where attackers compromised Fazio Mechanical Services, a provider of heating, ventilation, and air conditioning services, to gain access to the retail giant's network. The breach lasted 19 days and contributed to a 46% drop in year-over-year quarterly profits for the company, according to Target's filings with the Securities and Exchange Commission. Nearly 100 lawsuits have been filed so far, and Target's then CEO, Gregg Steinhafel, and its CIO, Beth Jacobs, have resigned.

“The Target breach is a watershed moment in third-party attacks,” says Stephen Boyer, CEO of BitSight, a security intelligence firm. “No one wants to be the next one.”

The breach may be a watershed, but it's hardly unique. The August 2013 defacement of The New York Times occurred because attackers fooled the media organization's DNS provider into granting access to the account that determined how the Internet routed traffic to the Times' site. Lockheed Martin suffered an attack through a flaw in RSA's SecurID system. The email addresses of customers who sought support from Twitter, Pinterest, and Tumblr were leaked when attackers breached support services firm Zendesk in February 2013. Security and CDN service CloudFlare was infiltrated via its CEO's Gmail account.

For the full story, see EBN sister site Dark Reading.

— Robert Lemos is an award-winning technology journalist who focuses on network and computer security.

6 comments on “Supply Chain Security: 5 Important Steps

  1. SP
    August 7, 2014

    Security is always an issue when it comes to dealing with internet or sharing data virtually. BUt what happened in Target seems quite a task for hackers. Looks like hackers are getting more powerful technically.

  2. fougesmith
    August 7, 2014

    These machineries are having their high demand in this modern life period and people are making complete use of it. order a coursework

  3. Anand
    August 12, 2014

    Toshiba recently had a loss of a billion dollars just because of a stolen chip idea. Hence they imposed a 1.1 billion dollar lawsuit on the company that stole the idea. Turns out, a former Toshiba employee turned out to be the whistle blower. Supply chain managers must know how to mitigate risks and employees talking to other companies.

  4. Anand
    August 12, 2014

    @SP: Hackers get more powerful with increasing age of technology. That is a given. You cannot expect your system to be a low latency high security system without relying on some ready bake software and it is this software that forms the root of hacking, because these software are relatively easy to get.

  5. Stephenmerchant12
    September 7, 2018

    Supply chain management is a great career with lots of different options and roles to explore. A degree in supply chain management is a good place to get started if you're interested in a career in supply chain you might also consider any professional qualifications which go from entry level right up to postgraduate level and are very highly regarded by employers. Order a coursework

  6. Buy Coursework Online
    October 12, 2018

    Can anyone please share the complete details of supply chain. I was reading your about supply chain while i was buying coursework online from UK Company.

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.