SecurityBrief New Zealand - Technology news for CISOs & cybersecurity decision-makers
Story image
Tue, 7th Jun 2022
FYI, this story is more than a year old

Mandiant and Interos have entered a strategic partnership to provide advanced insights and analysis to help businesses defend against cyber attacks and other threats.

The collaborative partnership is intended to bring to market new intelligence based on insights garnered from Interos Resilience Lab and the company's SaaS platform, as well as frontline investigations and remediations Mandiant has conducted relating to high impact cyber attacks globally.

Mandiant's M-Trends 2022 report shows that global supply chains continue to be an attractive target for threat actors who seek to take advantage of trusted business-to-business relationships because attacking the supply chain offers an opportunity to move from one supplier network into multiple customer networks simultaneously.

Further, supply chain compromise made up 17% of instructions investigated by Mandiant in 2021 when the initial infection vendor was identified, compared to less than 1% in 2020.

In addition, new data from Interos' 2022 Annual Global Supply Chain Report shows that companies have been impacted by an average of three major supply chain disruptions within the last 12 months, accounting for a combined $182 million in lost revenue.

Of that figure, cyber attacks constitute $37 million, and Interos adds that these figures exclude any impact from the war in Ukraine.

Moreover, 91% of executives reported that their businesses had experienced supply chain disruptions from Tier 2 and Tier 3 suppliers in their extended supply chain.

“Interos is focused on helping organisations ensure operational resilience; continuously delivering in-depth analysis on criticality for risk, and risk management,” Mandiant chief technology officer Marshall Heilman says.

“Together with Interos, Mandiant will be able to proactively problem solve with a company that is leading the way in ensuring organisations of all sizes understand key attack vectors across supply chain, threat actors and nation state threats.

This partnership follows a recent alert from the Cybersecurity and Infrastructure Security Agency (CISA) warning of an increase in malicious cyber activity targeting managed service providers (MSPs).

The advisory also recommended MSPs to understand and proactively manage their supply chain risk.

“The CISA warning is more evidence that existing supply chain risk management systems were not designed for today's complex risk environment,” Interos chief technology officer Nishant Gupta says.

“Our collaboration with Mandiant will provide multi-factor risk intelligence to help commercial and government organisations better protect targeted entities in their third-party relationships to insulate them from disruption, ransomware, and IP theft.

“We're proud to partner with Mandiant to help leaders discover hidden business relationships and exposure to cyber vulnerabilities.

The announcement also comes after CrowdStrike entered into a strategic partnership with Mandiant in April in a bid to help joint customers investigate, remediate and defend against increasingly sophisticated cybersecurity events that plague organisations around the world.

CrowdStrike specialises in cloud-delivered protection of endpoints, cloud workloads, identity and data.