ATTACK PATH DISCOVERY: SUPPLY CHAIN SECURITY

摘要

From Shanghai to Los Angeles, IT services and systems now connect the various infrastructures of the supply chain, creating a complex web of dependencies. Each of these assets could theoretically become entry points for a cyberattack using known or new zero-day exploits. In addition to patching vulnerabilities, cyber defense teams need to take a proactive stance by deploying intrusion detection systems (IDS) to actively sniff out potential threats. Our investment in cyber security has to match if not exceed that spent on physical security measures. Intrusion detection is one of these measures. It relies on accurately monitoring a network for signs of attack. There is no one IDS able to monitor an entire supply chain, which means that each organization has a responsibility to investigate possible vulnerabilities in its networks. This is a huge undertaking since attacks can come in from various local and global networks and affect multiple systems.