|
LOG IN |
|
 
|
US critical infrastructure lacking cyber supply chain security02 Dec 2010Source: SC Magazine US critical infrastructure firms are not adequately extending security policies, processes and controls to their "cyber supply chains” and thus face an increased risk of attacks that could impact business operations and disrupt service delivery, according to a new report based on a survey of 285 security professionals working in critical infrastructure organizations. The survey found critical infrastructure companies are failing short when it comes to supply chain security. Just 10 percent of respondents, for example, are following best practices when auditing the internal security processes of their IT vendors. Most of the time, assessments are conducted “haphazardly” and are not thorough, according to the report. Sometimes security audits do not even have an impact on IT procurement. Interestingly, organizations with the strongest security policies, procedures and defenses reported the highest number of security breaches, the report said. That is because less mature companies don't even realize they are being infiltrated. Read more here |
  |
