Supply Chain Security
What MiR does to protect your supply chain
Overview
Supply chain security has gained the attention of businesses of all sizes around the world. Due to the unprecedented scale of supply chain attacks, and the lack of an easy protection strategy, they are becoming a main area of concern in the industrial sector.
In general, supply chain attacks are becoming more prevalent and more prominent. While the SolarWinds hack of 2020 was not disruptive in the physical world, the Kaseya attack (July 2021) caused major disruption to the general public, even though it only realized a small fraction of its potential for damage.
The problem with supply chain attacks is that even if your IT department is doing all the right things to protect the business from cyber threats, a single compromised supplier can easily lead to a successful breach of an otherwise well-secured enterprise IT network.
Threat actors will often not target a well-secured network directly if attacks higher up in the supply chain, i.e. “upstream”, are more easily accomplished and have the potential to yield far greater profits. With an alarming raise in the frequency of supply chain attacks, suppliers in all industries need to step up their cybersecurity game. This is how MiR protects you from falling victim to a supply chain attack:
Malware Scans
When integrating a third-party supplied system into your IT infrastructure, you want to be sure that it doesn’t introduce malware into your network.
All MiR software is subject to malware scans as part of our release procedure. This means that no MiR software will ever reach you without having been scanned for the presence of malware.
Code signing
You are about to install new software, or apply a new update. Now imagine that somewhere on the way between your software provider and your enterprise IT infrastructure, that software was altered and malicious content was introduced. How would you ever know?
All MiR software is digitally signed, so that its authenticity can be reliably established. If even the smallest change is made to the software, the digital signature will be invalid and corruption will be detected. From software version 3.0 onwards, MiR products always verify the digital signature of an update before applying it, so that compromised software will not enter your system.
IT infrastructure security
Even with malware scanning and code signing in place, supply chain compromises can still occur. A compromise of your supplier’s IT infrastructure could lead to the introduction of backdoors and other stealthy, malicious functionality to the supplier’s codebase.
At MiR, our IT infrastructure is protected by state-of-the-art security technology provided by globally leading security solution providers. Advanced XDR, SIEM, and Insider Threat Protection are just some of the measures we take to protect our IT infrastructure, and with it, the supply chain of all our customers.
Software Updates
Our software contains third-party packages too, and we take care to update these packages with new MiR software releases. Just as with any other software in your enterprise IT environment, we highly recommend that you stay up to date with MiR software versions.
Consider this: our supply chain is part of your supply chain, just a bit further upstream. In order to adequately manage your supply chain security, it is imperative that you adopt new MiR software versions with their security improvements.