THREAT OPS › Threat News › Third-Party Risk Is an Intelligence Operation. It's Time We Treated It Like One.
Third-Party Risk Is an Intelligence Operation. It's Time We Treated It Like One.
<p>For years, the cybersecurity industry has treated third-party risk management as a compliance exercise. Assess your vendors. Assign a score. File the report. Move on. That model was built for a different era. One where supply chains were smaller, threat actors were less sophisticated, and a quarterly questionnaire could reasonably approximate a vendor's security posture. That era is over.</p>
MITRE ATT&CK techniques
Indicators of compromise
- https://www.forrester.com/report/RES192714url
- https://www.riskrecon.com/url
- app.userevidence.comdomain