Every organization has security weaknesses—some are known, and others are unknown. Some are managed and addressed–or at least insured against–others are accepted with crossed-fingers. CISOs and employees down through the IT chain of command know there are places where they could have better controls in place, but they have to make calculated risks and tradeoffs based on resources, objectives, and priorities. If you’re immersed in IT security, then invariably you encounter a headline several times a week about the “weakest link” in security. It’s humans/employees, right? Possibly. Partly. Often, the weakest link in cybersecurity is with your third-party vendors—and their humans! When the weak link is the company that helps manage your IT infrastructure and security, it’s reason for a whole other level of alarm. This is the scenario confronting at least a dozen Wipro [NYSE: WIT] customers right now. This blog provides a brief recap about what we know about the Wipr breach, potential implications, and 7 takeaways we can apply to lower the risk exposure and impact from supply chain cyberattacks affecting our MSPs and other vendors.