Cyber & IT Supervisory Forum - November 2023

Strategies for Managing Digital Supply Chain Risks

Cybersecurity Measures

Risk Assessment and Planning

Incident Response and Business Continuity

Supply Chain Resilience

Vendor Due Diligence

35

Software Supply Chain Attacks A Growing Threat to Banks

• Software supply chain attacks impact cybersecurity • Significant consequences: Data breaches, reputational harm to financial sectors • High-profile incidents: SolarWinds, Kaseya highlight disruption risks • Robust cyber defenses: Require thorough software evaluation, monitoring, and updates • Trust in supply chains: Depends on strong, transparent cybersecurity • Opaque third-party practices: Present significant risks, as shown by SolarWinds • CrowdStrike study: Two-thirds of organizations attacked, 90% suffered financial impacts With recent regulatory updates and the escalating threat to software supply chains, banks must incorporate stringent cybersecurity protocols and leverage the latest Federal Banking Agencies' TPRM guidance to fortify their defenses against sophisticated cyber attacks.

36