How to kill email infection in your supply chain

posted by Greg Sim
17 June 2019

Expectations for data-on-demand and the growth of outsourcing are adding to risk-levels in long-tail digital supply chains around the globe.

Partners lower their guard to achieve mutual commercial goals, while hoping best practice is implemented by everyone.

Monitoring reveals that half of the evasive threats in the digital supply chain are phishing emails, the vast majority from spoofed email domains. Everyone should therefore think hard about email security. How is it possible to know for certain that a partner’s network is not crawling with malicious actors?

Trust depends on several factors. It’s vital that the entire chain implements cyber security standards such as Domain-based Message Authentication, Reporting and Conformance (DMARC) and that partners scrutinise each other’s security protocols.

Beyond this, true security requires leading-edge technologies, such as Content Disarm and Reconstruction (CDR) solutions, which insert the most effective, protective barriers between partners without hindering business continuity.

Many technologies stop malicious threats, but also generate large proportions of false positives that severely damage business continuity. To complicate matters hugely, sophisticated, elusive threats regularly evade many detection-based technologies that block emails.

Rather than attempting to identify and block suspicious attachments, CDR regenerates clean, secure files and passes them on. Anything malicious is made benign, with no blocking or quarantining required.

In one example, malicious actors who penetrated a company’s security stack exploited the use of out-of-date versions of spreadsheet software in the thousands of emails routinely shared with supply chain partners. Nobody was suspicious, and over six months more than 170 malicious files were missed by the legacy security defences.

The number of malicious spreadsheets dropped to zero once file-regeneration was installed, with no need for burdensome rules or practices. Or consider an infected shipping manifest, passed to a shipper by a cargo-loading company, then to a distributor and original manufacturer. At every step, the malware infects each system. But for those with file-regeneration technologies, the chain is immediately broken.

In these complex, long-tail value chains, ensuring the integrity of outbound files and attachments is as important as defending yourself from those that come in. Nobody wants to be the source of infection.

The complexity of the supply chain demands rigorous security policies but also the right technology and a constant focus on outcomes. This is the only way to guarantee far greater confidence and ensure organisations right across the business ecosystem remain safe.

☛ Greg Sim is CEO at Glasswall Solutions
