Mandiant M-Trends 2022 Report shows that global supply chains remain an attractive target for threat actors who seek to take advantage of trusted business-to-business relationships, as attacking the supply chain provides an opportunity to pivot from one supplier network into multiple customer networks at once. In fact, when the initial infection vector was identified, supply chain compromise accounted for 17% of intrusions investigated by Mandiant in 2021, compared to less than 1% in 2020.
Further, new data from Interos’ 2022 Annual Global Supply Chain Report reveals that organisations have been impacted by on average three significant supply chain disruptions within the last 12 months (not including the Ukraine war) – costing a combined $182 million in lost revenue. Cyber attacks account for $37 million of that figure. Additionally, the overwhelming majority (91%) of executives reported that their organisations had experienced supply chain disruptions from Tier 2 and Tier 3 suppliers in their extended supply chain.
“Interos is focused on helping organisations ensure operational resilience; continuously delivering in-depth analysis on criticality for risk, and risk management,” said Mandiant CTO Marshall Heilman. “Together with Interos, Mandiant will be able to proactively problem solve with a company that is leading the way in ensuring organisations of all sizes understand key attack vectors across supply chain, threat actors and nation state threats.”
The partnership announcement follows a recent alert from the Cybersecurity and Infrastructure Security Agency (CISA) warning of an increase in malicious cyber activity targeting managed service providers (MSPs). The advisory also recommended MSPs to understand and proactively manage their supply chain risk.
“The CISA warning is more evidence that existing supply chain risk management systems were not designed for today’s complex risk environment,” said Interos CTO Nishant Gupta. “Our collaboration with Mandiant will provide multi-factor risk intelligence to help commercial and government organisations better protect targeted entities in their third-party relationships to insulate them from disruption, ransomware, and IP theft. We’re proud to partner with Mandiant to help leaders discover hidden business relationships and exposure to cyber vulnerabilities.”
Since 2004, Mandiant has been a trusted partner to security-conscious organisations. Effective security is based on the right combination of expertise, intelligence, and adaptive technology, and the Mandiant Advantage SaaS platform scales decades of frontline experience and industry-leading threat intelligence to deliver a range of dynamic cyber defence solutions. Mandiant’s approach helps organizations develop more effective and efficient cyber security programs and instills confidence in their readiness to defend against and respond to cyber threats.
Interos is the operational resilience company — reinventing how companies manage their supply chains and business relationships — through our breakthrough SaaS platform that uses artificial intelligence to model and transform the ecosystems of complex businesses into a living global map, down to any single supplier, anywhere. The Interos Operational Resilience Cloud helps organisations reduce risk, avoid disruptions, and achieve superior enterprise adaptability. Based in Washington, DC, the fast-growing private company is led by CEO Jennifer Bisceglie and supported by investors Kleiner Perkins, NightDragon, and Venrock.