Cyware<\/a> introduces us to supplier collective defense and why enterprises should embrace it in their own strategies.<\/em><\/strong><\/p>\nWe have all become far too aware of the challenges and risks that cyber threats pose to our organizations and their supply chains. We also know that our organizations are only as secure as our suppliers. While, to date, there has been a lot of focus on supply chain vulnerabilities, the actual problem area is more complex than that. As such, we must expand our problem scope to the entire security posture<\/em> of our suppliers, who will almost certainly have different levels of cybersecurity maturity and capabilities.<\/p>\n\n- How can you ensure that your suppliers are adequately protected and aligned with your cybersecurity standards and objectives?<\/li>\n
- How can you leverage the collective knowledge and resources of your supply chain to enhance your cybersecurity posture and resilience?<\/li>\n<\/ul>\n
The answer is supplier collective defense. Supplier collective defense<\/strong> is an approach that moves beyond looking at vulnerability risk. It aims to enhance the cybersecurity posture of both large enterprises and their suppliers by sharing information and best practices across the supply chain. Let\u2019s take a closer look at what supplier collective defense is, why it\u2019s essential, and how it can be implemented using existing standards and technologies.<\/p>\nSupplier Collective Defense: A New Approach to Cybersecurity<\/strong><\/h2>\n
\nThe ‘What’ and ‘Why’ of Supplier Collective Defense<\/strong><\/h3>\nSupplier security is among the most critical aspects of a supply chain. Suppliers are often responsible for implementing and maintaining the IT systems and processes that support the organization\u2019s operations. They also have access to sensitive or proprietary information that attackers could exploit. Therefore, suppliers need effective cybersecurity controls in place to protect their own systems and data as well as those of their customers. However, these organizations may lack the resources, expertise, or awareness to implement adequate cybersecurity measures. They may also face challenges in keeping up with the evolving threat landscape and complying with various standards and regulations. As a result, they become more susceptible to cyber-attacks that could affect not only their own operations but also those of their customers.<\/p>\n
This is where supplier collective defense comes in. Supplier collective defense is an approach that aims to enhance the cybersecurity posture of both large enterprises and their suppliers by sharing information and best practices across the supply chain.\u00a0 By working together as a team against common threats, both parties can achieve greater resilience and security than they could individually. A rising tide lifts all boats, right?<\/p>\n
Supplier collective defense has several benefits for both large enterprises and their suppliers. Among these, it:<\/p>\n
\n- Reduces the risk of supply chain disruption caused by cyber-attacks. By sharing threat intelligence findings, detection rules, incident response plans, and other defensive information with suppliers in real-time or near-real-time, large enterprises help them detect and mitigate potential attacks before cyber-criminals cause significant damage.<\/li>\n
- Improves the efficiency and effectiveness of cybersecurity operations. By leveraging each other\u2019s resources, large enterprises help their suppliers access tools, training, guidance, and support that may not otherwise be accessible. This allows them to improve their skills, capabilities, performance, and compliance.<\/li>\n
- Fosters trust and collaboration between large enterprises and their suppliers. By sharing information openly and transparently, large enterprises help their suppliers understand their expectations and requirements. This helps them build stronger relationships based on mutual respect and cooperation.<\/li>\n<\/ul>\n
Practical Applications<\/strong><\/h3>\nOne example of how supplier collective defense can up-level a vendor\u2019s supply chain is by taking advantage of the Sigma format to share detection rules. Sharing detection rules in this way helps secure the supply chain by enabling consistent, scalable, and interoperable cyber threat detection across different log sources and SIEM systems. Sigma is a generic and open signature format that allows users to describe relevant log events in a straightforward manner. By using Sigma, an enterprise SOC can share their detection rules with their suppliers in a machine-readable and vendor-neutral way, allowing them to apply the same detection logic to their own log data. This helps the suppliers identify and respond to potential attacks faster and more effectively, reducing the risk of supply chain compromise.<\/p>\n
Sigma can also help the enterprise SOC to leverage the detection rules developed by other sources, such as ISACs, ISAOs, or open repositories, to improve their own threat visibility and coverage – and it also compliments the use of existing standards such as the OASIS STIX and TAXII for exchanging threat intelligence information, enhancing the collaboration and coordination between the enterprise SOC and the suppliers.<\/p>\n
Tapping into Tested and Trusted Collaboration<\/strong><\/h3>\nSupplier collective defense is not a novel concept but rather an extension and adaptation of existing practices and frameworks that ISACs and ISAOs have pioneered. These bidirectional threat intelligence-sharing organizations have demonstrated the value and feasibility of sharing cyber threat information and best practices among trusted partners and communities. By applying the same principles and mechanisms to the supply chain, large enterprises and their suppliers can enhance their cybersecurity posture and resilience while reducing the risk of supply chain disruption that cyber-attacks cause.<\/p>\n
Supplier collective defense is not only a technical solution.\u00a0 It\u2019s also a strategic and cultural one. It requires a shift in mindset \u2013 from viewing suppliers as potential liabilities, to viewing them as valuable allies. It also requires a commitment to collaboration, coordination, and communication across the supply chain. By embracing supplier collective defense, organizations can gain a competitive edge in the market while ensuring business continuity in times of crisis.<\/p>\n","protected":false},"excerpt":{"rendered":"
Solutions Review\u2019s\u00a0Contributed Content Series is a collection of contributed articles written by thought leaders in enterprise software categories. Jason Keirstead of Cyware introduces us to supplier collective defense and why enterprises should embrace it in their own strategies. We have all become far too aware of the challenges and risks that cyber threats pose to […]<\/p>\n","protected":false},"author":1069,"featured_media":5343,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"inline_featured_image":false,"footnotes":""},"categories":[551,1],"tags":[],"acf":[],"yoast_head":"\n
Supplier Collective Defense: A New Approach to Cybersecurity<\/title>\n<meta name=\"description\" content=\"Jason Keirstead of Cyware introduces us to supplier collective defense and why enterprises should embrace it in their own strategies.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/solutionsreview.com\/security-information-event-management\/supplier-collective-defense-a-new-approach-to-cybersecurity\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Supplier Collective Defense: A New Approach to Cybersecurity\" \/>\n<meta property=\"og:description\" content=\"Jason Keirstead of Cyware introduces us to supplier collective defense and why enterprises should embrace it in their own strategies.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/solutionsreview.com\/security-information-event-management\/supplier-collective-defense-a-new-approach-to-cybersecurity\/\" \/>\n<meta property=\"og:site_name\" content=\"Best Information Security SIEM Tools, Software, Solutions & Vendors\" \/>\n<meta property=\"article:published_time\" content=\"2024-04-26T20:28:41+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2024-04-26T20:29:17+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/solutionsreview.com\/security-information-event-management\/files\/2024\/04\/Supplier-Collective-Defense-A-New-Approach-to-Cybersecurity.jpg\" \/>\n\t<meta property=\"og:image:width\" content=\"800\" \/>\n\t<meta property=\"og:image:height\" content=\"400\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/jpeg\" \/>\n<meta name=\"author\" content=\"Jason Keirstead\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Jason Keirstead\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"5 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"WebPage\",\"@id\":\"https:\/\/solutionsreview.com\/security-information-event-management\/supplier-collective-defense-a-new-approach-to-cybersecurity\/\",\"url\":\"https:\/\/solutionsreview.com\/security-information-event-management\/supplier-collective-defense-a-new-approach-to-cybersecurity\/\",\"name\":\"Supplier Collective Defense: A New Approach to Cybersecurity\",\"isPartOf\":{\"@id\":\"https:\/\/solutionsreview.com\/security-information-event-management\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\/\/solutionsreview.com\/security-information-event-management\/supplier-collective-defense-a-new-approach-to-cybersecurity\/#primaryimage\"},\"image\":{\"@id\":\"https:\/\/solutionsreview.com\/security-information-event-management\/supplier-collective-defense-a-new-approach-to-cybersecurity\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/solutionsreview.com\/security-information-event-management\/files\/2024\/04\/Supplier-Collective-Defense-A-New-Approach-to-Cybersecurity.jpg\",\"datePublished\":\"2024-04-26T20:28:41+00:00\",\"dateModified\":\"2024-04-26T20:29:17+00:00\",\"author\":{\"@id\":\"https:\/\/solutionsreview.com\/security-information-event-management\/#\/schema\/person\/5392a1a481db5dd50e26a2a5ad24485f\"},\"description\":\"Jason Keirstead of Cyware introduces us to supplier collective defense and why enterprises should embrace it in their own strategies.\",\"breadcrumb\":{\"@id\":\"https:\/\/solutionsreview.com\/security-information-event-management\/supplier-collective-defense-a-new-approach-to-cybersecurity\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/solutionsreview.com\/security-information-event-management\/supplier-collective-defense-a-new-approach-to-cybersecurity\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/solutionsreview.com\/security-information-event-management\/supplier-collective-defense-a-new-approach-to-cybersecurity\/#primaryimage\",\"url\":\"https:\/\/solutionsreview.com\/security-information-event-management\/files\/2024\/04\/Supplier-Collective-Defense-A-New-Approach-to-Cybersecurity.jpg\",\"contentUrl\":\"https:\/\/solutionsreview.com\/security-information-event-management\/files\/2024\/04\/Supplier-Collective-Defense-A-New-Approach-to-Cybersecurity.jpg\",\"width\":800,\"height\":400,\"caption\":\"Supplier Collective Defense\"},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/solutionsreview.com\/security-information-event-management\/supplier-collective-defense-a-new-approach-to-cybersecurity\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\/\/solutionsreview.com\/security-information-event-management\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Supplier Collective Defense: A New Approach to Cybersecurity\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/solutionsreview.com\/security-information-event-management\/#website\",\"url\":\"https:\/\/solutionsreview.com\/security-information-event-management\/\",\"name\":\"Best Information Security SIEM Tools, Software, Solutions & Vendors\",\"description\":\"Buyer's Guide and Best Practices\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/solutionsreview.com\/security-information-event-management\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Person\",\"@id\":\"https:\/\/solutionsreview.com\/security-information-event-management\/#\/schema\/person\/5392a1a481db5dd50e26a2a5ad24485f\",\"name\":\"Jason Keirstead\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/solutionsreview.com\/security-information-event-management\/#\/schema\/person\/image\/\",\"url\":\"https:\/\/solutionsreview.com\/security-information-event-management\/files\/2024\/04\/jason-keirstead_headshot.jpeg\",\"contentUrl\":\"https:\/\/solutionsreview.com\/security-information-event-management\/files\/2024\/04\/jason-keirstead_headshot.jpeg\",\"caption\":\"Jason Keirstead\"},\"description\":\"Jason Keirstead, Cyware Vice President of Collective Threat Defense, is a cybersecurity expert of more than 20 years who previously provided the technical direction of an extensive portfolio of software and security products at IBM. He also serves as co-chair of the Open Cybersecurity Alliance, creating straightforward, intuitive solutions to address complex security challenges.\",\"sameAs\":[\"https:\/\/cyware.com\/\"],\"url\":\"https:\/\/solutionsreview.com\/security-information-event-management\/author\/jkeirstead\/\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Supplier Collective Defense: A New Approach to Cybersecurity","description":"Jason Keirstead of Cyware introduces us to supplier collective defense and why enterprises should embrace it in their own strategies.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/solutionsreview.com\/security-information-event-management\/supplier-collective-defense-a-new-approach-to-cybersecurity\/","og_locale":"en_US","og_type":"article","og_title":"Supplier Collective Defense: A New Approach to Cybersecurity","og_description":"Jason Keirstead of Cyware introduces us to supplier collective defense and why enterprises should embrace it in their own strategies.","og_url":"https:\/\/solutionsreview.com\/security-information-event-management\/supplier-collective-defense-a-new-approach-to-cybersecurity\/","og_site_name":"Best Information Security SIEM Tools, Software, Solutions & Vendors","article_published_time":"2024-04-26T20:28:41+00:00","article_modified_time":"2024-04-26T20:29:17+00:00","og_image":[{"width":800,"height":400,"url":"https:\/\/solutionsreview.com\/security-information-event-management\/files\/2024\/04\/Supplier-Collective-Defense-A-New-Approach-to-Cybersecurity.jpg","type":"image\/jpeg"}],"author":"Jason Keirstead","twitter_misc":{"Written by":"Jason Keirstead","Est. reading time":"5 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"WebPage","@id":"https:\/\/solutionsreview.com\/security-information-event-management\/supplier-collective-defense-a-new-approach-to-cybersecurity\/","url":"https:\/\/solutionsreview.com\/security-information-event-management\/supplier-collective-defense-a-new-approach-to-cybersecurity\/","name":"Supplier Collective Defense: A New Approach to Cybersecurity","isPartOf":{"@id":"https:\/\/solutionsreview.com\/security-information-event-management\/#website"},"primaryImageOfPage":{"@id":"https:\/\/solutionsreview.com\/security-information-event-management\/supplier-collective-defense-a-new-approach-to-cybersecurity\/#primaryimage"},"image":{"@id":"https:\/\/solutionsreview.com\/security-information-event-management\/supplier-collective-defense-a-new-approach-to-cybersecurity\/#primaryimage"},"thumbnailUrl":"https:\/\/solutionsreview.com\/security-information-event-management\/files\/2024\/04\/Supplier-Collective-Defense-A-New-Approach-to-Cybersecurity.jpg","datePublished":"2024-04-26T20:28:41+00:00","dateModified":"2024-04-26T20:29:17+00:00","author":{"@id":"https:\/\/solutionsreview.com\/security-information-event-management\/#\/schema\/person\/5392a1a481db5dd50e26a2a5ad24485f"},"description":"Jason Keirstead of Cyware introduces us to supplier collective defense and why enterprises should embrace it in their own strategies.","breadcrumb":{"@id":"https:\/\/solutionsreview.com\/security-information-event-management\/supplier-collective-defense-a-new-approach-to-cybersecurity\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/solutionsreview.com\/security-information-event-management\/supplier-collective-defense-a-new-approach-to-cybersecurity\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/solutionsreview.com\/security-information-event-management\/supplier-collective-defense-a-new-approach-to-cybersecurity\/#primaryimage","url":"https:\/\/solutionsreview.com\/security-information-event-management\/files\/2024\/04\/Supplier-Collective-Defense-A-New-Approach-to-Cybersecurity.jpg","contentUrl":"https:\/\/solutionsreview.com\/security-information-event-management\/files\/2024\/04\/Supplier-Collective-Defense-A-New-Approach-to-Cybersecurity.jpg","width":800,"height":400,"caption":"Supplier Collective Defense"},{"@type":"BreadcrumbList","@id":"https:\/\/solutionsreview.com\/security-information-event-management\/supplier-collective-defense-a-new-approach-to-cybersecurity\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/solutionsreview.com\/security-information-event-management\/"},{"@type":"ListItem","position":2,"name":"Supplier Collective Defense: A New Approach to Cybersecurity"}]},{"@type":"WebSite","@id":"https:\/\/solutionsreview.com\/security-information-event-management\/#website","url":"https:\/\/solutionsreview.com\/security-information-event-management\/","name":"Best Information Security SIEM Tools, Software, Solutions & Vendors","description":"Buyer's Guide and Best Practices","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/solutionsreview.com\/security-information-event-management\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Person","@id":"https:\/\/solutionsreview.com\/security-information-event-management\/#\/schema\/person\/5392a1a481db5dd50e26a2a5ad24485f","name":"Jason Keirstead","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/solutionsreview.com\/security-information-event-management\/#\/schema\/person\/image\/","url":"https:\/\/solutionsreview.com\/security-information-event-management\/files\/2024\/04\/jason-keirstead_headshot.jpeg","contentUrl":"https:\/\/solutionsreview.com\/security-information-event-management\/files\/2024\/04\/jason-keirstead_headshot.jpeg","caption":"Jason Keirstead"},"description":"Jason Keirstead, Cyware Vice President of Collective Threat Defense, is a cybersecurity expert of more than 20 years who previously provided the technical direction of an extensive portfolio of software and security products at IBM. He also serves as co-chair of the Open Cybersecurity Alliance, creating straightforward, intuitive solutions to address complex security challenges.","sameAs":["https:\/\/cyware.com\/"],"url":"https:\/\/solutionsreview.com\/security-information-event-management\/author\/jkeirstead\/"}]}},"_links":{"self":[{"href":"https:\/\/solutionsreview.com\/security-information-event-management\/wp-json\/wp\/v2\/posts\/5342"}],"collection":[{"href":"https:\/\/solutionsreview.com\/security-information-event-management\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/solutionsreview.com\/security-information-event-management\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/solutionsreview.com\/security-information-event-management\/wp-json\/wp\/v2\/users\/1069"}],"replies":[{"embeddable":true,"href":"https:\/\/solutionsreview.com\/security-information-event-management\/wp-json\/wp\/v2\/comments?post=5342"}],"version-history":[{"count":0,"href":"https:\/\/solutionsreview.com\/security-information-event-management\/wp-json\/wp\/v2\/posts\/5342\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/solutionsreview.com\/security-information-event-management\/wp-json\/wp\/v2\/media\/5343"}],"wp:attachment":[{"href":"https:\/\/solutionsreview.com\/security-information-event-management\/wp-json\/wp\/v2\/media?parent=5342"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/solutionsreview.com\/security-information-event-management\/wp-json\/wp\/v2\/categories?post=5342"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/solutionsreview.com\/security-information-event-management\/wp-json\/wp\/v2\/tags?post=5342"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}
![\"Supplier](\"https:\/\/solutionsreview.com\/security-information-event-management\/files\/2024\/04\/Supplier-Collective-Defense-A-New-Approach-to-Cybersecurity.jpg\")
<\/p>\n