Steve Stobo, director at Cyber Consulting Services Limited, asks these questions:
- Do you know the overall cyber security rating of your supply chain?
- What is your financial risk if your supplier is breached?
- Are all your suppliers secure and resilient?
- Have any of your suppliers been breached, or are they a soft target?
- What is your suppliers' compliance level?
- Is your supply chain risk increasing or decreasing?
- Who are your safest/riskiest suppliers?
- Who can cause the most damage if they are breached?
- How do you choose a new supplier?
- Are there suppliers you should not be using?
Some of these questions overlap, but all are relevant to your own cyber risk. If you can't answer these questions you may be in more danger than you realize.