in STEMGeeks, 2 years ago (edited)


Who'd have thought a utility provider could wipe out 46% of your profit overnight?

Well, that's exactly what happened to Target in December 2013.

It turns out hackers stole 40 million financial records from the American brick-and-mortar retailer.

But the real kicker came the following day when they announced the news.

This caused Target's company profits to fall by 46 percent overnight.

And here's the thing…

The attackers didn't start with Target directly.

Instead, they used credentials stolen from their heating and air conditioning provider.

Seems crazy, right?


Well, fast forward to 2021, and the problem is even worse.


Because there are hundreds of touchpoints in a business's supply chain.

That means more opportunities for these devastating attacks to happen via a 3rd party vendor.

And this is just one of the many ways a business could be exposed to a supply-chain cyberattack.

I'm currently working on an eBook in which I cover some of the main ways supply-chain attacks happen.


  • Exploiting networking vulnerabilities
  • Leveraging unpatched software
  • Social engineering

That's why it pays to have someone advising on IT Policy and ITSM processes and proactively managing IT security for a business.

The threats are always there, and the odds of it happening to a business increase every day.

Now, I'm not saying someone is going to let a supply-chain attacker in on purpose. They're probably not.


But the problem with many small businesses is that they don't have the right processes and policies in place and are often slow to update software and antivirus protection.

And without the latest protection in place, a business is at greater risk.

So, if a business is relying on hope, good luck, and legacy software or equipment…

Or, they keep putting it off and telling themselves that their systems are "working fine"...

Then they are on borrowed time.

So instead of leaving it to chance…

Why not take control and make sure their business is protected from the ever-increasing threat of a cyber attack?

What do you think about businesses that do not safeguard their business from supply-chain attacks?

If you haven't already, sign up for our ITSM Rhino Newsletter and start receiving your FREE Information Technology and Cybersecurity-related eBooks and more.

I hope you continue to enjoy my articles. Feel free to reach out or comment here if you have suggestions or questions.

Who knows, I'm known to give out Hive tokens for re-blogging, rewarding my favorite comments for each post, and sharing the posts on Twitter. Just use the hashtags #itsmrhino and #hive when you tweet. I always upvote comments and respond to each.

If you don't have a Hive account, you can create one here at PeakD.

 2 years ago 

How affordable are these security measures for small businesses?

Leonis (@enforcer48),
That is a good question, but one that would require much more detail for an answer that would be sufficient.

First, we would have to make sure we understood the actual size and industry in which the small business operated. Here in the U.S., the Small Business Administration (SBA) defines a small business based on the industry in which they operate and/or the annual receipts or the average number of employees. They use the Table of Size Standards to determine this. So, for the most part, a small business by the SBA definition can have up to 1,500 employees on average and make up to around $38.5 million USD in annual receipts.

However, the numbers I personally like to use more are those provided by Gartner, which is less than 100 employees and less than $50 million USD in annual revenue.

Neither of these definitions of course matches the "mom and pop" businesses many envision when we bring up a small business in a conversation. However, when talking business to business (B2B) topics, like this post, the SBA and Gartner definitions are what I typically will be thinking about.

That said, there are very affordable solutions for those "mom & pops" when it comes to policy and technical solutions. I have helped a handful in the past. It encompassed everything from a simple technology use policy for the business, to daily, weekly, monthly, and yearly checklists to remind them about updates, maintenance, backups, license renewals, etc.

Hope this answered your question, it was much appreciated. Love the engagement.

Charge on!