So what's really needed is outside-in continuous monitoring of the cyber supply chain. A number of savvy entrepreneurs and VCs with deep pockets recognize this opportunity and are funding innovative SaaS providers to bridge the gap. For example, BitSight provides an intriguing rating service (along the lines of a credit score or D&B) that looks at cyber risk across companies and industries. RiskIQ provides outside-in continuous monitoring of ad networks looking for hidden malware and spyware, and SkyHigh Networks constantly assesses risks associated with consumer and enterprise cloud services.
Cyber adversaries know that our networks are dynamically connected with others so finding the "weakest link in the cybersecurity chain" could be as easy as hacking into your HVAC contractor's systems - just ask Target. We need better oversight and visibility over cyber supply chain risk and we need it as soon as possible. Given this, it's likely that these VC-backed startups are in the right place at the right time.
Source: Network World
Sign up for Computerworld eNewsletters.