{"id":9334,"date":"2025-12-12T12:25:43","date_gmt":"2025-12-12T15:25:43","guid":{"rendered":"https:\/\/www.certisur.com\/?page_id=9334"},"modified":"2026-01-20T17:57:41","modified_gmt":"2026-01-20T20:57:41","slug":"vulnerabilities-in-suppliers-and-lack-of-skills-the-two-most-critical-fronts-for-cisos","status":"publish","type":"page","link":"https:\/\/www.certisur.com\/en\/news\/vulnerabilities-in-suppliers-and-lack-of-skills-the-two-most-critical-fronts-for-cisos\/","title":{"rendered":"Vulnerabilities in suppliers and lack of skills: the two most critical fronts for CISOs"},"content":{"rendered":"\t\t<div data-elementor-type=\"wp-page\" data-elementor-id=\"9334\" class=\"elementor elementor-9334 elementor-9333\" data-elementor-post-type=\"page\">\n\t\t\t\t\t\t<section class=\"elementor-section elementor-top-section elementor-element elementor-element-cc9c265 cs-elementor-noticia-header elementor-section-boxed elementor-section-height-default elementor-section-height-default\" data-id=\"cc9c265\" data-element_type=\"section\">\n\t\t\t\t\t\t<div class=\"elementor-container elementor-column-gap-default\">\n\t\t\t\t\t<div class=\"elementor-column elementor-col-100 elementor-top-column elementor-element elementor-element-07d5b79\" data-id=\"07d5b79\" data-element_type=\"column\">\n\t\t\t<div class=\"elementor-widget-wrap elementor-element-populated\">\n\t\t\t\t\t\t<div class=\"elementor-element elementor-element-977de0b elementor-widget elementor-widget-heading\" data-id=\"977de0b\" data-element_type=\"widget\" data-widget_type=\"heading.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t<h1 class=\"elementor-heading-title elementor-size-default\">Vulnerabilities in suppliers and lack of skills: the two most critical fronts for CISOs<\/h1>\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-fdd2c6d elementor-widget elementor-widget-text-editor\" data-id=\"fdd2c6d\" data-element_type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\t<p>Cybersecurity operations center (SOC) screens displaying dashboards with alerts, threat maps, or real-time analysis. A dark technological environment with monitor lights conveying digital surveillance and the complexity of threats. <\/p>\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-6251c41 cs-elementor-noticia-header-date elementor-widget elementor-widget-text-editor\" data-id=\"6251c41\" data-element_type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\tDecember 12, 2025\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-5d15bf8 elementor-widget-divider--view-line elementor-widget elementor-widget-divider\" data-id=\"5d15bf8\" data-element_type=\"widget\" data-widget_type=\"divider.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t<div class=\"elementor-divider\">\n\t\t\t<span class=\"elementor-divider-separator\">\n\t\t\t\t\t\t<\/span>\n\t\t<\/div>\n\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/section>\n\t\t\t\t<section class=\"elementor-section elementor-top-section elementor-element elementor-element-63c4f558 elementor-section-boxed elementor-section-height-default elementor-section-height-default\" data-id=\"63c4f558\" data-element_type=\"section\">\n\t\t\t\t\t\t<div class=\"elementor-container elementor-column-gap-default\">\n\t\t\t\t\t<div class=\"elementor-column elementor-col-100 elementor-top-column elementor-element elementor-element-70f0973b\" data-id=\"70f0973b\" data-element_type=\"column\">\n\t\t\t<div class=\"elementor-widget-wrap elementor-element-populated\">\n\t\t\t\t\t\t<div class=\"elementor-element elementor-element-281ce271 elementor-widget elementor-widget-text-editor\" data-id=\"281ce271\" data-element_type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\t<p>Corporate cybersecurity is at a critical juncture. On one hand, supply chain attacks have reached record levels: malicious actors are no longer targeting just companies, but also their suppliers, SaaS integrations, and third-party services. <\/p><p>On the other hand, organizations face a growing shortage of specialized talent capable of anticipating and managing these interconnected risks. This double pressure makes<strong> supplier security<\/strong> and <strong>the skills gap<\/strong> the most pressing challenges for CISOs in 2026. <\/p><article class=\"article-body article-body--third-paragraph content-protected-false\"><p>In this context, each new technology partner adds a potential entry point and necessitates enhanced audits, continuous monitoring, and stricter security agreements. At the same time, the lack of professionals trained to operate, scale, and automate defense strategies leaves internal teams overburdened, trying to do more with less. <\/p><\/article><article class=\"article-body article-body--fourth-paragraph content-protected-false\"><p>This reality is confirmed in a recent BrandShield report, which surveyed 200 CISOs about the main risks organizations face today. The study reveals a dispersion of threats that reflects the complexity of the digital ecosystem. <\/p><\/article><article class=\"article-body article-body--fifth-paragraph content-protected-false\"><p><strong>The 10 threats that most worry CISOs<\/strong><\/p><\/article><article class=\"article-body article-body--remaining-paragraph content-protected-false\"><ul><li aria-level=\"1\">Phishing<p> <\/p><\/li><li aria-level=\"1\">Malware y ransomware<p> <\/p><\/li><li aria-level=\"1\">Brand impersonation<p> <\/p><\/li><li aria-level=\"1\">Data and credentials leak<p> <\/p><\/li><li aria-level=\"1\">Supply chain attacks<p> <\/p><\/li><li aria-level=\"1\">Vulnerabilities in third-party software<p> <\/p><\/li><li aria-level=\"1\">Internal threats<p> <\/p><\/li><li aria-level=\"1\">Fraud on social media and fake websites<p> <\/p><\/li><li aria-level=\"1\">Deepfakes and identity manipulation<p> <\/p><\/li><li aria-level=\"1\">Risks associated with generative AI<p> <\/p><\/li><\/ul><p>The conclusion is clear:<strong> there is no single dominant threat<\/strong>. \u201cLevels of concern are evenly distributed, indicating that CISOs today face an ecosystem of interconnected risks that reinforce each other,\u201d explained N\u00e9stor Markowicz, COO of CertiSur. <\/p><p>This requires abandoning the traditional approach of prioritizing a single risk and moving towards a comprehensive defense based on multiple layers of security, including:<\/p><ul><li aria-level=\"1\">Automate certificate management<p> <\/p><\/li><li aria-level=\"1\">Detect and disable threats in real time<p> <\/p><\/li><li aria-level=\"1\">Incorporate multi-factor authentication (MFA)<p> <\/p><\/li><li aria-level=\"1\">Increase visibility into access points, exposed systems, and third parties<p> <\/p><\/li><\/ul><p>The current landscape demonstrates that cybercrime no longer operates in isolated compartments. A phishing campaign can be the prelude to ransomware; a digital identity manipulated through deepfake technology can enable critical access; a breach at a supplier can compromise the entire organization. <\/p><p>\u201cToday, cybersecurity is a business issue, not just a technology issue,\u201d Markowicz emphasized. \u201cAn attack can halt a company\u2019s entire operations, generate significant losses, and damage its reputation. With diverse and highly interconnected threats, a single incident can escalate very quickly.\u201d <\/p><p>Faced with this scenario, the priority is to gain visibility and automate. \u201cThe first step is to know which certificates, access credentials, and systems are exposed. Then, automate their management, add MFA, and raise team awareness. This combination immediately reduces the attack surface and prepares the organization to respond quickly to any incident,\u201d the COO concluded. <\/p><p><a href=\"https:\/\/www.ambito.com\/tecnologia\/vulnerabilidades-proveedores-y-falta-skills-los-dos-frentes-mas-criticos-los-cisos-n6223418\"><em>Scope<\/em><\/a><\/p><\/article>\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/section>\n\t\t\t\t<\/div>\n\t\t","protected":false},"excerpt":{"rendered":"<p>Cybersecurity operations center (SOC) screens displaying dashboards with alerts, threat maps, or real-time analysis. A dark technological environment with monitor lights conveying digital surveillance and the complexity of threats. Corporate cybersecurity is at a critical juncture. On one hand, supply chain attacks have reached record levels: malicious actors are no longer targeting just companies, but [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":9337,"parent":4975,"menu_order":0,"comment_status":"closed","ping_status":"closed","template":"","meta":{"_acf_changed":false,"footnotes":""},"categories":[69],"class_list":["post-9334","page","type-page","status-publish","has-post-thumbnail","hentry","category-news"],"acf":[],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v25.6 - https:\/\/yoast.com\/wordpress\/plugins\/seo\/ -->\n<title>CertiSur<\/title>\n<meta name=\"description\" content=\"Cybersecurity operations center (SOC) screens that display dashboards with alerts, threat maps, or real-time analysis.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.certisur.com\/en\/news\/vulnerabilities-in-suppliers-and-lack-of-skills-the-two-most-critical-fronts-for-cisos\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Vulnerabilities in suppliers and lack of skills: the two most critical fronts for CISOs - CertiSur\" \/>\n<meta property=\"og:description\" content=\"Cybersecurity operations center (SOC) screens that display dashboards with alerts, threat maps, or real-time analysis.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.certisur.com\/en\/news\/vulnerabilities-in-suppliers-and-lack-of-skills-the-two-most-critical-fronts-for-cisos\/\" \/>\n<meta property=\"og:site_name\" content=\"CertiSur\" \/>\n<meta property=\"article:publisher\" content=\"https:\/\/www.facebook.com\/CertiSur\" \/>\n<meta property=\"article:modified_time\" content=\"2026-01-20T20:57:41+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/www.certisur.com\/wp-content\/uploads\/ambito.png\" \/>\n\t<meta property=\"og:image:width\" content=\"910\" \/>\n\t<meta property=\"og:image:height\" content=\"504\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/png\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:site\" content=\"@CertiSur\" \/>\n<meta name=\"twitter:label1\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data1\" content=\"2 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"WebPage\",\"@id\":\"https:\/\/www.certisur.com\/en\/news\/vulnerabilities-in-suppliers-and-lack-of-skills-the-two-most-critical-fronts-for-cisos\/\",\"url\":\"https:\/\/www.certisur.com\/en\/news\/vulnerabilities-in-suppliers-and-lack-of-skills-the-two-most-critical-fronts-for-cisos\/\",\"name\":\"Vulnerabilities in suppliers and lack of skills: the two most critical fronts for CISOs - CertiSur\",\"isPartOf\":{\"@id\":\"https:\/\/www.certisur.com\/en\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\/\/www.certisur.com\/en\/news\/vulnerabilities-in-suppliers-and-lack-of-skills-the-two-most-critical-fronts-for-cisos\/#primaryimage\"},\"image\":{\"@id\":\"https:\/\/www.certisur.com\/en\/news\/vulnerabilities-in-suppliers-and-lack-of-skills-the-two-most-critical-fronts-for-cisos\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/www.certisur.com\/wp-content\/uploads\/ambito.png\",\"datePublished\":\"2025-12-12T15:25:43+00:00\",\"dateModified\":\"2026-01-20T20:57:41+00:00\",\"description\":\"Cybersecurity operations center (SOC) screens that display dashboards with alerts, threat maps, or real-time analysis.\",\"breadcrumb\":{\"@id\":\"https:\/\/www.certisur.com\/en\/news\/vulnerabilities-in-suppliers-and-lack-of-skills-the-two-most-critical-fronts-for-cisos\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/www.certisur.com\/en\/news\/vulnerabilities-in-suppliers-and-lack-of-skills-the-two-most-critical-fronts-for-cisos\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/www.certisur.com\/en\/news\/vulnerabilities-in-suppliers-and-lack-of-skills-the-two-most-critical-fronts-for-cisos\/#primaryimage\",\"url\":\"https:\/\/www.certisur.com\/wp-content\/uploads\/ambito.png\",\"contentUrl\":\"https:\/\/www.certisur.com\/wp-content\/uploads\/ambito.png\",\"width\":910,\"height\":504},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/www.certisur.com\/en\/news\/vulnerabilities-in-suppliers-and-lack-of-skills-the-two-most-critical-fronts-for-cisos\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"News\",\"item\":\"https:\/\/www.certisur.com\/en\/news\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Vulnerabilities in suppliers and lack of skills: the two most critical fronts for CISOs\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/www.certisur.com\/en\/#website\",\"url\":\"https:\/\/www.certisur.com\/en\/\",\"name\":\"CertiSur\",\"description\":\"\",\"publisher\":{\"@id\":\"https:\/\/www.certisur.com\/en\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/www.certisur.com\/en\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\/\/www.certisur.com\/en\/#organization\",\"name\":\"CertiSur\",\"url\":\"https:\/\/www.certisur.com\/en\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/www.certisur.com\/en\/#\/schema\/logo\/image\/\",\"url\":\"https:\/\/www.certisur.com\/wp-content\/uploads\/Logo-CertiSur-Signo-de-Confianza-300dpi-copy.png\",\"contentUrl\":\"https:\/\/www.certisur.com\/wp-content\/uploads\/Logo-CertiSur-Signo-de-Confianza-300dpi-copy.png\",\"width\":3075,\"height\":2483,\"caption\":\"CertiSur\"},\"image\":{\"@id\":\"https:\/\/www.certisur.com\/en\/#\/schema\/logo\/image\/\"},\"sameAs\":[\"https:\/\/www.facebook.com\/CertiSur\",\"https:\/\/x.com\/CertiSur\",\"https:\/\/www.youtube.com\/c\/TecnologaCertiSur\"]}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"CertiSur","description":"Cybersecurity operations center (SOC) screens that display dashboards with alerts, threat maps, or real-time analysis.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.certisur.com\/en\/news\/vulnerabilities-in-suppliers-and-lack-of-skills-the-two-most-critical-fronts-for-cisos\/","og_locale":"en_US","og_type":"article","og_title":"Vulnerabilities in suppliers and lack of skills: the two most critical fronts for CISOs - CertiSur","og_description":"Cybersecurity operations center (SOC) screens that display dashboards with alerts, threat maps, or real-time analysis.","og_url":"https:\/\/www.certisur.com\/en\/news\/vulnerabilities-in-suppliers-and-lack-of-skills-the-two-most-critical-fronts-for-cisos\/","og_site_name":"CertiSur","article_publisher":"https:\/\/www.facebook.com\/CertiSur","article_modified_time":"2026-01-20T20:57:41+00:00","og_image":[{"width":910,"height":504,"url":"https:\/\/www.certisur.com\/wp-content\/uploads\/ambito.png","type":"image\/png"}],"twitter_card":"summary_large_image","twitter_site":"@CertiSur","twitter_misc":{"Est. reading time":"2 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"WebPage","@id":"https:\/\/www.certisur.com\/en\/news\/vulnerabilities-in-suppliers-and-lack-of-skills-the-two-most-critical-fronts-for-cisos\/","url":"https:\/\/www.certisur.com\/en\/news\/vulnerabilities-in-suppliers-and-lack-of-skills-the-two-most-critical-fronts-for-cisos\/","name":"Vulnerabilities in suppliers and lack of skills: the two most critical fronts for CISOs - CertiSur","isPartOf":{"@id":"https:\/\/www.certisur.com\/en\/#website"},"primaryImageOfPage":{"@id":"https:\/\/www.certisur.com\/en\/news\/vulnerabilities-in-suppliers-and-lack-of-skills-the-two-most-critical-fronts-for-cisos\/#primaryimage"},"image":{"@id":"https:\/\/www.certisur.com\/en\/news\/vulnerabilities-in-suppliers-and-lack-of-skills-the-two-most-critical-fronts-for-cisos\/#primaryimage"},"thumbnailUrl":"https:\/\/www.certisur.com\/wp-content\/uploads\/ambito.png","datePublished":"2025-12-12T15:25:43+00:00","dateModified":"2026-01-20T20:57:41+00:00","description":"Cybersecurity operations center (SOC) screens that display dashboards with alerts, threat maps, or real-time analysis.","breadcrumb":{"@id":"https:\/\/www.certisur.com\/en\/news\/vulnerabilities-in-suppliers-and-lack-of-skills-the-two-most-critical-fronts-for-cisos\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.certisur.com\/en\/news\/vulnerabilities-in-suppliers-and-lack-of-skills-the-two-most-critical-fronts-for-cisos\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.certisur.com\/en\/news\/vulnerabilities-in-suppliers-and-lack-of-skills-the-two-most-critical-fronts-for-cisos\/#primaryimage","url":"https:\/\/www.certisur.com\/wp-content\/uploads\/ambito.png","contentUrl":"https:\/\/www.certisur.com\/wp-content\/uploads\/ambito.png","width":910,"height":504},{"@type":"BreadcrumbList","@id":"https:\/\/www.certisur.com\/en\/news\/vulnerabilities-in-suppliers-and-lack-of-skills-the-two-most-critical-fronts-for-cisos\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"News","item":"https:\/\/www.certisur.com\/en\/news\/"},{"@type":"ListItem","position":2,"name":"Vulnerabilities in suppliers and lack of skills: the two most critical fronts for CISOs"}]},{"@type":"WebSite","@id":"https:\/\/www.certisur.com\/en\/#website","url":"https:\/\/www.certisur.com\/en\/","name":"CertiSur","description":"","publisher":{"@id":"https:\/\/www.certisur.com\/en\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.certisur.com\/en\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/www.certisur.com\/en\/#organization","name":"CertiSur","url":"https:\/\/www.certisur.com\/en\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.certisur.com\/en\/#\/schema\/logo\/image\/","url":"https:\/\/www.certisur.com\/wp-content\/uploads\/Logo-CertiSur-Signo-de-Confianza-300dpi-copy.png","contentUrl":"https:\/\/www.certisur.com\/wp-content\/uploads\/Logo-CertiSur-Signo-de-Confianza-300dpi-copy.png","width":3075,"height":2483,"caption":"CertiSur"},"image":{"@id":"https:\/\/www.certisur.com\/en\/#\/schema\/logo\/image\/"},"sameAs":["https:\/\/www.facebook.com\/CertiSur","https:\/\/x.com\/CertiSur","https:\/\/www.youtube.com\/c\/TecnologaCertiSur"]}]}},"_links":{"self":[{"href":"https:\/\/www.certisur.com\/en\/wp-json\/wp\/v2\/pages\/9334","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.certisur.com\/en\/wp-json\/wp\/v2\/pages"}],"about":[{"href":"https:\/\/www.certisur.com\/en\/wp-json\/wp\/v2\/types\/page"}],"author":[{"embeddable":true,"href":"https:\/\/www.certisur.com\/en\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.certisur.com\/en\/wp-json\/wp\/v2\/comments?post=9334"}],"version-history":[{"count":3,"href":"https:\/\/www.certisur.com\/en\/wp-json\/wp\/v2\/pages\/9334\/revisions"}],"predecessor-version":[{"id":9352,"href":"https:\/\/www.certisur.com\/en\/wp-json\/wp\/v2\/pages\/9334\/revisions\/9352"}],"up":[{"embeddable":true,"href":"https:\/\/www.certisur.com\/en\/wp-json\/wp\/v2\/pages\/4975"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.certisur.com\/en\/wp-json\/wp\/v2\/media\/9337"}],"wp:attachment":[{"href":"https:\/\/www.certisur.com\/en\/wp-json\/wp\/v2\/media?parent=9334"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.certisur.com\/en\/wp-json\/wp\/v2\/categories?post=9334"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}