Reducing Cybersecurity Risk In 2025: Consider A Supply Chain Strategy
DTS CEO, Edward Tuorinsky, shares his insights with Forbes Business Council, on reducing cybersecurity risk in 2025: consider a supply chain strategy.
Despite increased cybersecurity budgets, the landscape for U.S. businesses continues to be hazardous. Breaches are up 72%, costing businesses an average of $4.88 million. Government mandates for contractors to meet minimum cybersecurity standards went into effect in December 2024, lagging behind private-sector efforts. Companies of all kinds and sizes are looking for new ways to defend against threats—and lower the temperature of risks.
There’s a new strategy to consider: Creating a safer supply chain.
How will your company handle skyrocketing cybersecurity risks in the year ahead?
Mitigating Risk
The traditional approach to risk mitigation is to assess and prioritize risks and then tackle each, starting from the top. For cybersecurity risk, that often includes tactics such as employee training, strong network access controls and multifactor authentication. These moves strengthen a company’s defenses.
The supply chain strategy takes a different approach. By agreeing to uphold higher standards for cybersecurity, companies can create a safer operating environment for their business and that of their partners, vendors and suppliers.
The Supply Chain Strategy
Increasingly, U.S. companies view cybersecurity as a business problem, not just a technical one. Every business process or connection is being reexamined with a zero-trust mindset, which assumes all users, devices and connections are untrustworthy until verified.
In practice, a supply chain risk mitigation strategy includes:
• Defining the network of companies and people involved in the production and delivery of your products or services.
• Identifying those with whom you share systems, applications or proprietary information.
• Establishing policies around minimum cybersecurity standards and secure standard operating procedures.
• Advising each connection of your policies and requirements.
• Verifying the cybersecurity posture of each trusted connection.
• Minimizing exposure with noncompliant companies or replacing them within your network.
Cybersecurity vetting of new and existing supply chain connections is the modern equivalent of asking for a business’s credit rating—an objective data point reflecting business health. However, unlike a credit score, those asking will need to verify the information that partners provide, which may require a nondisclosure agreement and the need for cybersecurity expertise or legal counsel.
Proof-based cybersecurity verification includes System Security Plans and/or third-party certifications, including ISO, SOC, CMMC or other audit-based standards.
Read the full article here: Reducing Cybersecurity Risk In 2025: Consider A Supply Chain Strategy
Consult with DTS today to strengthen your cybersecurity, reduce risks, prevent breaches, and enhance your business resilience for the future.