Supply chain attacks on vendors and third-party suppliers have far-reaching ramifications on healthcare organizations. Malicious actors can insert malware into a vendor’s code (or software updates), and when a client downloads the software, the attacker gains access to an organization’s networked systems.
However, there is another version of supply chain risk that results from an interconnected digital world that needs close attention: third-party risk management. For example, in December 2021, a ransomware attack against a workforce management company wreaked havoc on its customers’ payroll…
