cybersecurity

Unconditional Procurement with Cybersecurity

Locket and numbers symbolizing cybersecurity

Daryl Hammett is COO and General Manager at ConnXus, a supplier management software company. Daryl completed the Certified Third Party Risk Management Professional (C3PRMP) program through SIG University. He shares how he is implementing the best practices he learned in the program to mitigate cybersecurity risk at ConnXus.


In the global supply chain landscape, cybersecurity threats are increasing exponentially. Fortune 500 companies’ sensitive information is leaked because hackers target their vendors and business partners, and organizations that might not be as secure as their corporate buyers. Every supplier and business partner can become an added risk. Working with global companies big and small, one of the most significant opportunities that I've observed is managing multi-tier suppliers and mitigating risk. We can support all our suppliers through secured technology and the principle of “unconditional procurement.”

Daryl Hammett, CSMP, CSP, C3PRMP, General Manager/Chief Operating Officer, ConnXus

The Shifting Cyber Threat Landscape

An image of a lock followed by colorful tendrils.

With the rapid acceleration of cloud software, Internet of Things (IoT) and advancements in FinTech, the financial and technology industries saw significant increases in cyberattacks over the past year. Attackers find vulnerabilities in supply chains and software, capitalize on lax security updates and use social engineering to manipulate end-users.

As hackers become more creative in their subversive techniques, businesses need to become more proactive in educating their workforce and stepping up their cyber incident response plans. Businesses should consult with their vendors, third-party suppliers and stakeholders in every business unit to ensure continuity, mitigate risk and verify that security measures are being employed and regularly updated.    

Below are summarized findings from the recent NTT Security Global Threat Intelligence Report that focus specifically on the finance and technology sectors in the Americas, which account for the most highly targeted attack sectors in this region. Recommendations from the National Institute of Standards and Technology Framework are included here as well. Organizations can also look to the Department of Homeland Security’s National Cyber Incident Response Plan for guidance on dealing with and addressing cyber incidents. 

Finance and Technology Top the List of Targets

Attacks to the finance sector nearly tripled, accounting for 43 percent of attacks compared with 15 percent the previous year. Attacks targeted at the technology industry sector increased to 27 percent of attacks, up from 11 percent in the previous year. For comparison, manufacturing was the most attacked sector in 2016, with 23 percent of attacks, but has since fallen to five percent of attacks in 2017.

Stacy Mendoza, Digital Marketing Specialist