3rd Party Risk Management , Events , Governance & Risk Management

Getting a Tighter Grip on Supply Chain Security Risk

Proofpoint CEO Ashan Willy on Ways to Identify Third-Party Compromises
Ashan Willy, CEO, Proofpoint

Some of the most sophisticated cyberattacks are being targeted at third-party suppliers in an effort to affect their critical clients, said Ashan Willy, CEO of Proofpoint. But often client organizations affected by these attacks do not even realize a key supplier has been hit, he added.

See Also: The Operationalization of Threat Intelligence Programs

"It's not easy for large companies to know all their suppliers. Some of them have 20,000 or 40,000 suppliers," he said. Through the use of machine learning and other tools, including analysis of invoices and communications, "we can figure out in real time who their suppliers are," he said.

In this video interview with Information Security Media Group at RSA Conference 2023, Willy discusses:

  • How email security helps detect third-party compromises;
  • Other security challenges involving third-party suppliers and partners;
  • Common attack progression patterns.

Willy directs a global workforce of over 4,000 employees focused on defending customers from advanced threats and compliance risks by protecting their people - and in turn, safeguarding their data, business and reputation. Willy has over 25 years of leadership experience in engineering, product management, worldwide strategy and planning across global markets.


About the Author

Michael Novinson

Michael Novinson

Managing Editor, Business, ISMG

Novinson is responsible for covering the vendor and technology landscape. Prior to joining ISMG, he spent four and a half years covering all the major cybersecurity vendors at CRN, with a focus on their programs and offerings for IT service providers. He was recognized for his breaking news coverage of the August 2019 coordinated ransomware attack against local governments in Texas as well as for his continued reporting around the SolarWinds hack in late 2020 and early 2021.




Around the Network

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing bankinfosecurity.com, you agree to our use of cookies.