When we think of these words, what imagery comes to mind? Suppliers? Distributors? What about your business partners?
A great example is if you think of a defense contractor who is accessing the government's networks or highly sensitive projects as a result of the contract that was awarded,
this contractor is now part of the supply chain.
So now let's see how the supply chain directly impacts cyber security considerations.
unless you've been living on a deserted island for over three years, it's highly unlikely that you haven't heard of the OPM where the target preaches.
In both cases, each sustained unauthorized access through their business partner.
Allowing system resource is to be manipulated and ultimately resulting in massive data preaches.
let's take a look at the similarities and the differences between these two.
When we look at the following table that illustrates both opium and target,
you can clearly see where these organizations had similarities. But more importantly,
where they were different, OPM was not able to offset the cost of the breach, either by an insurance instrument
or about being able to push those costs back to 1/3 party.
And why is that
because up until the latter part of 2015
no language existed
in government procurement documents
that entitled the government
to seek financial restitution for these types of cases.