By Elad Shapira, Head of Security, Panorays
In the wake of coronavirus, companies are now applying immediate work-from-home policies. This sudden and massive change poses a set of new cybersecurity risks and is forcing security teams to take immediate action.
One of these cybersecurity risks emanates from the supply chain. While a large company may be able to quickly undergo the transition from a relatively concentrated workforce to a large-scale remote workforce, its supply chain partners may not.
In an effort to ensure the cyber resilience of the supply chain during these turbulent times, Panorays has readily made available the related vendor evaluation criteria, broken down to 18 questions. Companies are welcome to use these questions to assess their vendors’ preparedness for work from home.
These questions will help companies assess the cybersecurity risk emanating from their suppliers that have adopted work-from-home practices. It’s important to note that considering the sudden shift in business behavior, the regular spreadsheet evaluation process will not work, considering the time and human effort it requires. As such, automation of the process is essential. Doing so will allow companies to easily add questions without the need to resend the full questionnaire, track progress, measure and quickly calculate risk levels. Most of all, it will allow companies to quickly and easily scale this process to ensure their security policy is enforced throughout the supply chain.
Elad brings to Panorays extensive cybersecurity knowledge across all levels, from reversing and low-level hacking to Web application and social engineering.
At Panorays, Elad and his team are responsible for mimicking hacker behavior by researching new attack techniques and vectors in order to automatically test the security posture of companies en masse. Elad is a recognized speaker, having presented at various hacking conferences such as BlueHat IL, ReCon and Defcon meetups. Prior to Panorays, Elad was the Mobile Security Research Team Leader at AVG Technologies.