Growing reliance on third-party suppliers signals increasing security risks

Growing reliance on third-party suppliers signals increasing security risks

Adversaries are turning their focus on cheaper, easier targets within an organisation's supply chain, especially as businesses increasingly acquire software from external suppliers. In this first piece of a two-part feature, ZDNet looks at how organisations in Asia-Pacific are facing more risks even as the perimeter they need to protect extends far beyond their own networks.

There had been a spate of third-party cybersecurity attacks since the start of the year, with several businesses in Singapore and across Asia impacted by the rippling effects of such breaches. 

Just last month, personal details of 30,000 individuals in Singapore might have been illegally accessed following a breach that targeted a third-party vendor of job-matching organisation, Employment and Employability Institute (e2i). Earlier this year, personal data of 580,000 Singapore Airlines (SIA) frequent flyers as well as 129,000 Singtel customers also were compromised through third-party security breaches.

That Singtel and SIA had been compromised through such attacks did not come as a surprise to Benjamin Ang, senior fellow of cyber homeland defence and deputy head of Centre of Excellence for National Security (CENS).

Established in April 2006, CENS is a research unit of the Nanyang Technological University's S. Rajaratnam School of International Studies and consists of local and overseas analysts specialising in national and homeland security issues.

Ang told ZDNet in a video call that the IT ecosystem had been built for efficiencies and speed of deployment. To do this in software development, libraries or DLL (Dynamic Link Libraries) had to ..