Supply-chain risk comes from four main areas: Hardware, software, services, services and people. Eric Doerr, GM at the Microsoft Security Response Center, spoke at Black Hat 2019 on Thursday. Doerr: People aren t just introducing risk into corporate environments they re also the key to proactively driving it out. Microsoft wasn’t impacted by the Wipro incident, but there were several lessons learned in its exploration process when it comes to locking down the people part of the supply chain.
Source: https://threatpost.com/supply-chain-risk-people-microsoft/147133/