To my great shame, I realized that it's been over a year since I wrote a new blog post for Cyentia Institute. I've written for several reports in that time span, of course, but that's no excuse for neglecting to distill and share interesting bits from that research on our blog. I'm going to try to be better about that, starting with this short piece based on recent work analyzing the digital supply chains of 230,000 orgs.

https://www.cyentia.com/supply-chain-multiplicity/

#supplychainsecurity #supplychainrisk #supplychainresilience #thirdpartyrisk #thirdpartyriskmanagement #attacksurfacemanagement

“Apple […] and Google's […] online stores contain computer code developed by a technology company, Pushwoosh, that presents itself as based in the United States, but is actually Russian”
#supplychainrisk #thirdpartyrisk #surveillance #cybersecurity #infosec

https://www.reuters.com/technology/exclusive-russian-software-disguised-american-finds-its-way-into-us-army-cdc-2022-11-14/