Supply chain vulnerabilities can quickly cascade across borders, sectors, and corporate ecosystems, underscoring the need for stronger visibility and control over third-party access. One growing risk lies in visibility gaps: many organizations lack insight into what third parties are doing, once the latter are allowed inside the network. Attackers exploit this by operating quietly within encrypted traffic and moving laterally: they “live off the land” using native tools to avoid detection.
To identify vulnerable links, organizations need to conduct continuous risk assessments of their third-party ecosystem: evaluating access levels, security posture, and real-world behavior.
Crucially, they should leverage telemetry from network traffic — not just logs — to monitor for anomalies that signal a third-party compromise. True supply chain security starts with knowing exactly who has access, what they are doing, and when that behavior changes.
CybersecAsia: Can you share practical strategies or frameworks that organizations can adopt to extend their cybersecurity beyond their own network perimeter to include vendor and partner ecosystems?
IF: Securing extended ecosystems demands a layered strategy anchored in Zero Trust Architecture (ZTA). This involves treating all users as potentially compromised, and enforcing strict identity checks, access controls, and continuous monitoring. This will enable greater system observability and proactive perimeterless security.
A key tactic is network segmentation: restricting external-partner access to only essential resources and isolating critical assets. Security data lakes can enhance visibility by integrating network-derived telemetry across the environment, enabling real-time insights into third-party traffic, encrypted flows, and lateral movement.
Beyond the technology aspect, organizations must hold vendors to enforceable security standards: mandating diligence in their patching, incident reporting, and access controls. Bolstered observability ensures vendors stay within agreed parameters, and will enable rapid response when they do not.
Ultimately, securing the supply chain requires architectural discipline, unified visibility, and shared responsibility across the entire ecosystem.
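The two answers above describe the same control from two sides: a segmentation policy that limits each partner to the resources it needs, and network telemetry that shows when a partner's behaviour departs from its agreed pattern. The script below is an added illustration of that idea and is not code from Ian Farquhar or CybersecAsia. The vendor names, the segment-to-subnet map, the flow record format and every flow line are constructed sample data; the thresholds (a ten-fold byte increase, a previously unseen hour) are assumptions chosen for the example.

```python
"""Flag third-party network behaviour that departs from policy or baseline.

Added example, not part of the original interview. All vendors, subnets,
segments, and flow records below are constructed sample data.
"""
import ipaddress
from collections import defaultdict
from dataclasses import dataclass
from datetime import datetime

# Constructed segmentation policy: the only segments each vendor may reach.
VENDOR_POLICY = {
    "vendor-hvac": {"ot-bms"},              # building-management systems only
    "vendor-payroll": {"hr-apps", "hr-db"},  # HR applications and their database
}

# Constructed map from destination subnet to named segment.
SEGMENTS = {
    "10.10.0.0/24": "ot-bms",
    "10.20.0.0/24": "hr-apps",
    "10.21.0.0/24": "hr-db",
    "10.30.0.0/24": "finance-core",
}

# Constructed flow format: "<iso8601> <vendor account> <dst ip> <dst port> <bytes>"
BASELINE_LINES = [
    "2024-05-06T09:15:00Z vendor-hvac 10.10.0.15 443 18200",
    "2024-05-06T14:40:00Z vendor-hvac 10.10.0.15 443 21900",
    "2024-05-07T10:05:00Z vendor-hvac 10.10.0.15 443 19500",
    "2024-05-06T10:30:00Z vendor-payroll 10.20.0.8 443 52000",
    "2024-05-06T10:31:00Z vendor-payroll 10.21.0.5 5432 310000",
    "2024-05-07T15:10:00Z vendor-payroll 10.20.0.8 443 48000",
]
NEW_LINES = [
    "2024-05-13T10:02:00Z vendor-hvac 10.10.0.15 443 20100",     # matches baseline
    "2024-05-13T02:47:00Z vendor-hvac 10.30.0.22 445 640000",    # outside policy, odd hour, large
    "2024-05-13T10:45:00Z vendor-payroll 10.21.0.5 5432 295000",  # matches baseline
    "2024-05-13T10:20:00Z vendor-payroll 10.21.0.5 22 4100",      # allowed segment, new service
]


@dataclass(frozen=True)
class Flow:
    ts: datetime
    account: str
    dst_ip: str
    dst_port: int
    nbytes: int


def parse_flow(line: str) -> Flow:
    """Parse one constructed flow record into a Flow."""
    ts, account, dst_ip, port, nbytes = line.split()
    return Flow(datetime.fromisoformat(ts.replace("Z", "+00:00")),
                account, dst_ip, int(port), int(nbytes))


def segment_of(ip: str) -> str:
    """Return the segment name whose subnet contains ip, or 'unknown'."""
    addr = ipaddress.ip_address(ip)
    for cidr, name in SEGMENTS.items():
        if addr in ipaddress.ip_network(cidr):
            return name
    return "unknown"


def build_baseline(flows):
    """Per account: (segment, port) pairs seen, hours of day seen, largest transfer."""
    base = defaultdict(lambda: {"services": set(), "hours": set(), "max_bytes": 0})
    for f in flows:
        b = base[f.account]
        b["services"].add((segment_of(f.dst_ip), f.dst_port))
        b["hours"].add(f.ts.hour)
        b["max_bytes"] = max(b["max_bytes"], f.nbytes)
    return base


def assess(flow: Flow, baseline, policy, volume_factor: int = 10):
    """Return findings for one flow: policy breaches first, then baseline deviations."""
    findings = []
    seg = segment_of(flow.dst_ip)
    if seg not in policy.get(flow.account, set()):
        findings.append(f"policy_violation:{seg}")      # segmentation policy breached
    b = baseline.get(flow.account)
    if b is None:
        findings.append("no_baseline")                  # account never seen before
        return findings
    if (seg, flow.dst_port) not in b["services"]:
        findings.append(f"new_service:{seg}:{flow.dst_port}")
    if flow.ts.hour not in b["hours"]:
        findings.append(f"off_hours:{flow.ts.hour:02d}")
    if b["max_bytes"] and flow.nbytes > volume_factor * b["max_bytes"]:
        findings.append("volume_anomaly")
    return findings


def review(baseline_lines, new_lines, policy=VENDOR_POLICY):
    """Learn a baseline from past flows, then return (line, findings) for flagged new flows."""
    baseline = build_baseline(parse_flow(l) for l in baseline_lines)
    flagged = []
    for line in new_lines:
        findings = assess(parse_flow(line), baseline, policy)
        if findings:
            flagged.append((line, findings))
    return flagged


if __name__ == "__main__":
    for line, findings in review(BASELINE_LINES, NEW_LINES):
        print(line, "->", ", ".join(findings))
```

Two of the four new flows are flagged: the HVAC vendor reaching a finance subnet it has no policy for, at an hour and a volume far outside its baseline, and the payroll vendor using a new service on a segment it is allowed to reach. The second case is the one logs alone tend to miss: nothing was denied, the account is legitimate, and only the change in network behaviour signals that something about the relationship is different.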
CybersecAsia: Given the critical nature of infrastructure and financial institutions, what role should leadership play in fostering a culture of security awareness and accountability across all tiers of the supply chain?
IF: Leadership sets the tone for organizational resilience. For critical sectors such as infrastructure and finance, executives need to drive security from the top: embedding cybersecurity into business strategy and supply chain governance.
This means making cybersecurity a board-level issue — with clear key performance indicators, funding, and oversight — not just a technical concern delegated to IT.
The establishment of strong observability will need to be discussed at the board level to improve an organization's digital infrastructure — signaling growing recognition that visibility and accountability are strategic imperatives across the supply chain.
Furthermore, the updated role of leadership in cyber resilience includes enforcing accountability across vendors; investing in technologies that provide visibility beyond the organizational boundary; and ensuring that security metrics are part of board-level discussions.
Leadership should champion a “trust nothing, verify everything” approach, while fostering a culture of shared responsibility. Security is not just IT’s job, but everyone’s business, including partners and suppliers.
CybersecAsia thanks Ian Farquhar for sharing his professional insights with readers.