Companies and their financial data are at risk of attack from cyber criminals, but the weakest links are often in the supply chain. Writing in FX-MM, Paul Huggins, vice president of Security Science at Stroz Friedberg, a risk management company, outlines the questions financial professionals should be asking to protect their corporate systems from security breaches.
Some financial authorities are now turning their attention to the issue of cyber security due diligence of third-party service providers. Huggins writes: “The danger from weak links in the supply chain takes two forms: suppliers can be disrupted as a result of cyber attack, with a knock-on effect on the bank or financial institution, or they can be a vector in a direct attack.”
Some of the questions corporates need to be asking themselves include:
- Do you place high levels of trust in the staff or IT of any particular participants?
- Do your suppliers’ risk governance processes provide similar levels of assurance as your own?
- Have you built trust relationships with key suppliers? Do you use regular forums and communications in a manner similar to your customer relationship management?
- Have you considered combining capability sharing with a cyber-insurance policy you purchase on behalf of the supply chain, to provide an incentive for suppliers to take advantage of the offer?
The full list of 20 questions is given in this article.