Maintain a quiet, bird’s eye, view of your enterprise technical and human resources. Monitor vendors, partners, affiliates, and potential merger/acquisition targets for Indications of Compromise (IoC) to their information technology or human assets.
Due Vigilance is very smart business. Sophisticated threat actors are moving their attacks upstream in the value chain. In order to compromise your enterprise, attackers increasingly first look to exploit a technical vulnerability, policy weakness, misconfiguration, or human error in a partner, vendor, supplier, or service provider you rely heavily on to do business or perform your mission.
Threat actors are well aware of the fact that your vendors, suppliers, partners, and others may have, out of necessity, login credentials or other privileged access to your systems. These privileges may include, Virtual Private Network (VPN), Remote Desktop Protocol (RDP), Cloud Storage, file management systems, industrial control systems, and many others. Threat actors work hard to identify and map these key enterprise relationships.
It is imperative that the first indication that a vendor, partner, or service provider has been compromised NOT be a breach of YOUR own business- or mission-critical systems.
Contact Vigilox to get started.