Your supply chain is being invaded. It's time to discuss how best to manage risk to your supply chain and reputation in 2017. Cyberspace of 2017 has become a free-fire zone with a multiplicity of actors. The dark-side of globalization resides in cyberspace. Corporations are regularly under siege from a multiplicity of threat actors. The cyber arms bazaar that flourishes around the world has allowed for criminals and nations to wage long term campaigns against corporations and government agencies. These cybercriminals stalk businesses and consumers from the fog of the dark web. Evidence suggests that the Dark Web has become an economy of scale wherein the cyber-crime syndicates have begun to target the interdependencies of our networks. 2017 has ushered in a foreboding era of digital colonization of American cyberspace.As the cybercriminal community burrows in to our networks we must appreciate that after the initial theft of data they tend to hibernate. This hibernation allows for secondary schemes of monetization. Some of these criminal endeavors include reverse business email compromise against your customers and/or selective Wateringhole attacks. Cybercriminals realize that there is implicit trust in your brand; trust that can and will be exploited. The modus operandi of cybercriminals has been modernized and thus we should allow their offense to inform our defense. As we attend Blackhat, we must spin the chess board to realize the opportunities for strategic action.In 2017, CSOs must enhance the scope and diligence of their supply chain security assessment. First, security strategies must encompass more than technology vendors. Law firms and marketing firms should be included in all annual security assessments. Second, any merger or acquisition must include a compromise assessment. Such a compromise assessment should include a penetration test from within your network to the outside world. Finally, service level agreements (SLAs) must be modernized to mitigate the cyber threats of 2017, therefore the rigor of the security controls required must encompass elements of intrusion suppression like the proactive use of deception grids and adaptive authentication.Managing cyber exposures to your supply chain is a function of conducting business in 2017. Beyond mere compliance with existing standards corporations must protect their brand before it is hijacked. Supply chain risk management requires an architectural paradigm shift to intrusion suppression. Modernizing defense in depth will allow an organization to thwart the burgeoning digital invasion of their network. It is imperative that we reevaluate vendor relationships and institute increased safeguards and oversight as information supply chain risk is here to stay. Cybersecurity investment begets brand protection which in turn mitigates third-party risk. Those companies who embrace brand protection as a function of comparative advantage will become the titans of industry. Related content opinion Digital hijacking: My identity is gone Ever wonder why your identity got stolen? Post-Equifax this article highlights a modern security strategy for the credit bureaus. By Tom Kellermann Oct 03, 2017 3 mins Internet opinion Big D: The importance of middle linebackers in cybersecurity Offense informs defense. By Tom Kellermann Aug 29, 2017 2 mins Technology Industry Cloud Security Data and Information Security opinion Your brand is under siege CMOs must prepare to defend their brand and company with tools and strategies to combat almost inevitable cybersecurity events. By Tom Kellermann Jun 30, 2017 4 mins Security opinion May 18th: The birthday of the DPO The importance of the European Global Data Protection Regulation and its implications for cybersecurity in America. By Tom Kellermann Jun 06, 2017 2 mins Government IT Technology Industry Data and Information Security Podcasts Videos Resources Events SUBSCRIBE TO OUR NEWSLETTER From our editors straight to your inbox Get started by entering your email address below. Please enter a valid email address Subscribe