We recently wrote about the increase in ‘supply chain cyber attacks’ and how the UK and EU governments are terrified about their impact on the economy.
If you are a professional services firm, you may be the target of a ‘supply chain attack’ with cyber criminals looking to use data you hold to run extortion attacks or financial fraud on your clients.
However, you are also at risk of a cyber breach as a result of an attack on one of your suppliers. This could for example be a cloud software provider where you store your data, your accountant or solicitor, office security company or even your IT provider.
You should as a minimum be auditing every potential supplier before your start working with them to ensure they have appropriate cyber security controls in place. For suppliers who look after your data or have any access to your IT systems, you should be doing this on a regular basis.
One approach is to ask for copies of your suppliers’ security certificates (such as Cyber Essentials or ISO 27001). But this approach might not be comprehensive enough or fit your requirements.
In this video our Managing Director Bruce Penson shows you how to use ChatGPT to create a supplier security, customised for your business, in 15 minutes.
Pro Drive are experts in helping Accountancy, Financial Services and Legal firms with security questionnaires and we regularly help our clients get in place procedures and questionnaires to audit their supply chains. If you would like to know more, get in touch.
Pro Drive are experts in helping Accountancy, Financial Services and Legal firms with security questionnaires and we regularly help our clients get in place procedures and questionnaires to audit their supply chains. If you would like to know more, get in touch.