ABSTRACT
As companies add more cloud-based technologies to their IT environments, they create new security and privacy risks. Increasingly, malicious actors target key vendors within these integrated, interconnected ecosystems. This chapter explains the different types of supply chain attacks, how to analyze vendor risk, and steps for implementing a vendor risk management program.
