Russia-Ukraine War: 8 Questions to Ask Your Vendors

Russia’s invasion of Ukraine has elicited a unified response by NATO and its allies, with member nations imposing sanctions on Russia as punishment. Considering that some of the most severe third-party cyber-attacks – such as SolarWinds, Colonial Pipeline and JBS Foods – have been traced to Russia, the U.S. Federal Bureau of Investigation (FBI) and Cybersecurity and Infrastructure Security Agency (CISA) have warned businesses and governments to be vigilant against potential ransomware attacks originating from Russia in retaliation for imposing these sanctions.

Below are example questions that you can use to assess the risk facing your third parties (e.g., vendors, partners, suppliers, etc.) related to the conflict. Prevalent has compiled these questions into a multiple-choice Ukraine Conflict Geo-Political Third-Party Impact Assessment, which you can use to determine the business continuity implications of having suppliers in the Ukraine region. If you have suppliers potentially impacted by this event, this assessment is a good starting point to determine your exposure. It is also available to our customers as part of the Prevalent platform’s questionnaire library.

Test Your Incident Response Plan Before the Next Third-Party Cyber-Attack

Many organizations struggle to get timely information about security incidents impacting their supply chains. Delays between a vendor incident and your own risk identification, analysis and mitigation will leave your organization exposed to operational disruptions. Prevalent can help.

The Prevalent Third-Party Incident Response Service enables you to rapidly identify and mitigate the impact of supply chain incidents by centrally managing vendors, conducting proactive event assessments, scoring identified risks, and accessing remediation guidance. Don’t get caught flat-footed by a third-party cyber-attack you know is coming. Contact us today to learn more or schedule a demo.