IT Supply Chain Cyberattacks Are About More Than the Weakest Link

Author: Gerald F. Burch, PH.D., Jordan Burch and Joshua Brown
Date Published: 26 February 2025
Read Time: 12 minutes
Related: Blueprint for Ransomware Defense

Supply chain management research often focuses on identifying the weakest link in the supply chain and trying to replace or repair it. However, recent research on the NotPetya attack suggests that there is more that organizations can do to minimize damage from an IT supply chain attack. First, they must take a broader view of the effects caused by such attacks...

Members, login to keep reading.

Not a member but want to read more?
Explore ISACA member benefits today.

Additional resources

Blog Post

Developing a Cyber Strategy and the Seven Pillars of Cyber Resilience

An effective cybersecurity strategy that includes critical pillars of cyber resilience, such as embedding security into the design phase and prioritizing basic controls, can drive business success.

14 February 2025

Security Article

Overreliance on Automated Tooling: A Big Cybersecurity Mistake

Automation and artificial intelligence (AI) have been a positive force multiplier in the cybersecurity industry. Improved time efficiency, resources, cost, and productivity are great strides in the field and should be celebrated.

30 December 2024

Governance Article

Cloud Data Sovereignty: Governance and Risk Implications of Cross-Border Cloud Storage

Multinational organizations must navigate complex legal and regulatory challenges when adopting cross-border cloud services, which requires strategic planning and compliance measures to ensure successful implementation and mitigate potential risk.

18 November 2024

Home / Resources / ISACA Journal / Issues / 2025 / Volume 1 / IT Supply Chain Cyberattacks Are About More Than the Weakest Link