Supply chain analysis

Introduktion

Reducing the risk of supply chain attacks and incidents

Most organizations today face major challenges when it comes to ensuring information security in their supply chains. It becomes difficult to ensure security in modern supply chains that often span multiple countries and involve a spectrum of different suppliers and subcontractors. Fully controlling and monitoring all aspects of the chain is difficult, yet the chain is critical to the business.

The challenge

The problem with the supply chain

One of the most common challenges we see is the lack of transparency and visibility in the supply chain. Many organizations do not have sufficient knowledge of the suppliers in their chain, making it difficult to assess and manage digital security risk. In addition, suppliers may in turn have subcontractors whose security practices and processes are even less known to the organization, increasing the problem and risk of vulnerabilities and cyber-attacks.

Another challenge is managing and complying with rules and laws governing information security and data protection. With the introduction of stricter laws such as the GDPR and the NIS2 Directive, organizations are required to ensure that their supply chain complies with these rules. However, as we wrote earlier, this is difficult to achieve because you don’t always know what happens to the information flowing through the chain. It is simply a complex task.

As the organization grows, responsibilities in other areas also increase, so after a long time there may be a lack of both internal resources and expertise to conduct comprehensive audits of suppliers. In addition, there is often a lack of a pillar to support security checks when bringing in new suppliers.

Företagsbild, Tobias Granslund diskuterar med Petra Jonsson

Contact Us

Do you want to know more about our service and solutions? Contact us and we will assist you.

Contact Us

Our service

How we strengthen your supply chain

With all the challenges posed by the supply chain, it is important to address supply chain security issues in a structured and proactive way to minimize risks and ensure a strong security culture throughout the supply chain. The solution is not to minimize the chain but to ensure safety in it. This is where our supply chain analysis comes in. By analyzing and assessing the supply chain from an information security perspective, we can identify and manage potential risks and vulnerabilities, meet regulatory requirements and ensure robust information security practices across the supply chain.

Två personer sitter vid ett bord. En person bakom en dator samtalar med person framför datorn

Några av våra kunder

Our service

This is how a project works

Start-up meeting
We discuss scope, objectives, methodology, timeline and expectations.
Documentation
We review your organization’s existing documentation of supply chain security policies, processes and risk assessments and the suppliers involved. As an option, we can also provide a GDPR assessment and screening of the supplier. We also have the possibility to conduct an OSINT of the supplier.
Workshop
Key people within your company are interviewed to gather information that is not documented and to gain further understanding from existing documentation.
Risk analysis
Based on what you have chosen, a two-part risk analysis is carried out. The first part assesses the level of supply chain maturity of your organization according to the controls in ISO27001:2022. The second part assesses the level of information security risk based on OSINT or GDPR.
Report
We compile the work and produce a report and recommendations on the main risks.

Get in touch!

For more information about the service, you can either send a message using the contact function, or simply pick up the phone and call. We also offer services in
ISO 27001
and as your
external data protection officer
!

Cookie	Duration	Description
cookielawinfo-checkbox-advertisement		Set by the GDPR Cookie Consent plugin, this cookie is used to record the user consent for the cookies in the "Advertisement" category .
cookielawinfo-checkbox-analytics		Set by the GDPR Cookie Consent plugin, this cookie is used to record the user consent for the cookies in the "Analytics" category .
cookielawinfo-checkbox-functional		The cookie is set by the GDPR Cookie Consent plugin to record the user consent for the cookies in the category "Functional".
cookielawinfo-checkbox-necessary		Set by the GDPR Cookie Consent plugin, this cookie is used to record the user consent for the cookies in the "Necessary" category .
cookielawinfo-checkbox-others		Set by the GDPR Cookie Consent plugin, this cookie is used to store the user consent for cookies in the category "Others".
cookielawinfo-checkbox-performance		Set by the GDPR Cookie Consent plugin, this cookie is used to store the user consent for cookies in the category "Performance".
CookieLawInfoConsent		Records the default button state of the corresponding category & the status of CCPA. It works only in coordination with the primary cookie.
JSESSIONID		The JSESSIONID cookie is used by New Relic to store a session identifier so that New Relic can monitor session counts for an application.

Cookie	Duration	Description
1e5a17c8ab		This cookie is set in relation to Zoho Campaigns
AnalyticsSyncHistory		No description
bscookie		LinkedIn sets this cookie to store performed actions on the website.
lang		LinkedIn sets this cookie to remember a user's language setting.
li_gc		Used to store consent of guests regarding the use of cookies for non-essential purposes

Cookie	Duration	Description
_ga		The _ga cookie, installed by Google Analytics, calculates visitor, session and campaign data and also keeps track of site usage for the site's analytics report. The cookie stores information anonymously and assigns a randomly generated number to recognize unique visitors.
_ga_X8W3VDVR14		This cookie is installed by Google Analytics.
_gat_UA-112487526-1		A variation of the _gat cookie set by Google Analytics and Google Tag Manager to allow website owners to track visitor behaviour and measure site performance. The pattern element in the name contains the unique identity number of the account or website it relates to.
_gid		Installed by Google Analytics, _gid cookie stores information on how visitors use a website, while also creating an analytics report of the website's performance. Some of the data that are collected include the number of visitors, their source, and the pages they visit anonymously.
utm_source		This cookie is used to record from where the visitor came to the website orginally. This information is used by the website operator to know the efficiency of their marketing.

Cookie	Duration	Description
_fbp		This cookie is set by Facebook to display advertisements when either on Facebook or on a digital platform powered by Facebook advertising, after visiting the website.
d18efd344f		Collects information on user preferences and international with erb content. Used to promote relevant events or products. Session.
fr		Facebook sets this cookie to show relevant advertisements to users by tracking user behaviour across the web, on sites that have Facebook pixel or Facebook social plugin.
IDE		Google DoubleClick IDE cookies are used to store information about how the user uses the website to present them with relevant ads and according to the user profile.
test_cookie		The test_cookie is set by doubleclick.net and is used to determine if the user's browser supports cookies.
utm_medium		This cookie is used to record from where the visitor came to the website orginally. This information is used by the website operator to know the efficiency of their marketing.
ZCAMPAIGN_CSRF_TOKEN		No description available.
ZMEET_CSRF_TOKEN		No description available.