A Supply Chain Incident Taxonomy
Eric Byres
S4x24 - ICS Security Conference · Day 3 · Main Stage
In this S4 talk, veteran cybersecurity expert Eric Byres addresses a fundamental challenge that hampers both the understanding of, and the defense against, supply chain attacks: the lack of a comprehensive and meaningful taxonomy. Drawing on two decades of experience in the field, including early encounters with sophisticated threats such as the Dragonfly attacks in 2014, Byres highlights the need for a better way to define and classify these complex incidents. He argues that existing definitions, such as the one from CISA, are often too narrow: they fail to encompass the full spectrum of observed attacks, and that gap hinders clear communication and effective defense strategies.
AI review
Byres' S4 talk presents a much-needed, novel taxonomy for supply chain incidents that fundamentally divides attacks into "creation" and "delivery" phases. This framework addresses the shortcomings of overly narrow existing definitions, enabling security professionals to better classify, communicate about, and defend against these complex threats. His deep experience and thorough research provide a robust, actionable model that significantly advances the industry's understanding of, and defensive posture against, supply chain compromises such as SolarWinds and Stuxnet.