There is a "circle of trust" in cyber security between business and trading partners where "trust" is assumed. Unfortunately, not every member of that "circle" is entitled to the same level of trust based on their security posture. Increasingly, bad actors are penetrating these circles, identifying their weak members and exploiting those members' trusted relationships with the rest of the group. For an attacker, these circles represent golden opportunities to compromise not just one target, but dozens, hundreds or thousands of organizations where "trust" was assumed. The reality for an attacker is that these circles represent a target-rich environment where their misdeeds can be spread far and wide as a result of one simple breach. It turns out you can't simply "trust" your partners, no matter how close or "special" the relationship. The security concept of "Zero Trust" is a manifestation of this reality and
According to a study by Argon Security, an Israeli cybersecurity firm that specializes in protecting the integrity of the software supply chain, software supply chain attacks grew by more than 300 percent in 2021 in comparison to 2020. And another recent study of more than 400 IT executives and managers by Anchore Enterprise, a California-based developer of a security-centric software supply chain management platform, found that three in five companies last year were targeted by software supply chain attacks.