C2 RISK’s Post

Another ransomware attack today - originating from a third party supplier again. The answer is simple - protect your information with easy-to-use, intuitive software from C2 at an affordable price. Prevention is always better than cure. With new deals currently available you can secure peace of mind with your supply chain security. Have a chat with us! #TPVRM #vendorriskmanagement #cybersecurity #C2Risk

Your company is only as strong as it's weakest link, especially when it comes to cybersecurity. Starbucks was recently affected by a cyberattack on a third-party vendor. This has disrupted the ability of employees to view and manage their schedules and track hours. Starbucks also has to manually pay employees in its 11,000 locations until this is resolved. Lawsuits are definitely on the horizon.... Consider this scenario when choosing who should be your Managed Service Provider. Choose a partner who can understand the complexities, liabilities, and constraints of your network. #TeamBraden #MSP #ManagedServices #cybersecurity #AI https://lnkd.in/egm6MP2Z

Coffee aficionado or not, you may have read the most recent headline with #Starbucks. Key points, John Hensberger Jr. shares: A #RiskManagementProgram in place, including a strong Vendor Management program emphasizing strong #cyber posture, is critical to ensuring partners have the appropriate #cybersecurity controls. In addition, when evaluating #risk, having an #IncidentResponsePlan to help navigate these situations to avoid extended outages to critical lines of business applications will help prevent chaos and help the organization respond and recover in a timely manner. Just because a key vendor or partner has a cyber incident doesn't mean they lack proper cyber security controls; it is the responsibility of all organizations to be prepared when #cyberattackers strike the #supplychain. https://lnkd.in/eGKwf-ta

A #ransomware attack on one of Starbucks’ software vendors has disrupted how the coffee chain’s baristas view and manage their schedules. As ransomware attacks have surged, 2024 is on track to be one of the worst years on record. By mid-2024, more than 2,300 incidents had already been reported, according to a report from the Office of the Director of National Intelligence. https://lnkd.in/dbg5-_by #sccybersecurity #sccssummit #grc #tprm #riskassessment #cyberrisk #supplychainsecurity #cyberattacks #riskmanagement #thirdpartyrisk

This is another example that highlights how Product/Solution breaches could be more disruptive as they impact the organizations that use those products/solutions. Panasonic's Blue Yonder impacted Starbucks, Morrisons, Sainsbury's, etc. Hence, #ProductSecurity must be a priority. Be #ResiliAnt #Panasonic #BlueYonder #Starbucks #Morrisons #Sainsbury #Governance #RiskManagement #BOD #Cybersecurity https://lnkd.in/eGKwf-ta

🚨 Cybersecurity matters more than ever in workforce management. 🛡️ While Starbucks resorts to pen-and-paper timekeeping and scheduling after a vendor hack, they are going to feel the effects of downtime and operational chaos. TCP Software, we’re proud to offer Humanity Scheduling and TimeClock Plus, solutions that have not fallen victim to a cyber attack. With top-notch security 🔒 and seamless functionality, we empower organizations to schedule and manage their workforce confidently—no pen and paper required! 📆 Let us help you avoid unnecessary disruptions and future-proof your scheduling systems. Reach out today to learn more about how we can support your business! #WorkforceManagement #Cybersecurity 🖥️ #SchedulingSoftware #HumanityScheduling

The Blue Yonder hack apparently forced Starbucks to pay baristas manually after a ransomware attack disrupted the third-party software. When critical processes like payroll fail, the impact is immediate, and resilience shifts from “important but not urgent” to “urgent and critical” instantly. Starbucks' situation highlights the need for resilience in outsourcing: 1. How resilient are your critical third-party providers against attacks? 2. Do you have contingency plans for outsourced critical processes? 3. How quickly can you adapt when the unexpected happens? To get the full benefits of outsourcing, ensure you replace hope with resilience.

As this WSJ article highlights, contingency and continuity plans are critical. This example of a ransomware attack on Blue Yonder impacting its customers is increasingly common. As such, supply chain professionals, along with cross-functional teams, need to determine their backup systems and processes (even if manual as in the article) well before an event occurs. Today's RFP must address cybersecurity protocols such as third-party verification, zero trust architecture, and vetted security requirements; however, clarity on roles and responsibilities when an attack occurs must also be addressed. #supplychainmanagement #cybersecurity #procurement #georgetownscs

Real-World Example of a Supply Chain Attack Blue Yonder, a supply chain management company used by major brands like Starbucks, was recently hit by a ransomware attack. This incident highlights the interconnected nature of cyber risks: while Starbucks would need coverage for 'Supply Chain Attacks' to mitigate business disruptions, Blue Yonder requires robust protection against 'Ransomware' to handle direct operational impacts. This example underscores the importance of comprehensive cyber insurance tailored to specific risks. We covered these categories and more in our recent article on cyber threats (https://lnkd.in/dpUgStH9) Link to USA TODAY article on the attack: https://lnkd.in/gup3vSwa #CyberSecurity #SupplyChain #Ransomware #RiskManagement #CyberThreats #BlueYonder

Let’s assume for a moment that attackers don't keep you up at night because your business has a rock solid security plan in place, that is maintained, evaluated and tested on a regular basis. Do you know how secure your service providers and business partners are, who have access to your data and maintain your systems or applications? If they suffer a ransomware attack or have data stolen in a breach, how will your business be impacted? I help businesses answer and solve these questions. #ThirdPartyRisk #SupplyChainSecurity #VendorManagement #DataProtection #BusinessContinuity #CyberRiskManagement #InformationSecurity #SecurityAdvisory #ProtectYourBusiness #RiskAssessment #CyberResilience #ITSecurity