The battle against cybercrime rages on. And global supply chains remain highly vulnerable. It should come as no surprise that the globalization of supply chains, resulting in the addition of many new trade and service partners, has made companies more susceptible to breaches of their information-security systems. Often they come in unexpected places, such as the HVAC contractor that was reportedly the point of entry for attackers who stole customer credit-card information from Target stores. On this episode, we speak with Steve Durbin, managing director of the Information Security Forum, who describes the scope of the problem, explains why so many companies are vulnerable to cybercrime, and lays out the steps they should be taking to shore up their systems against attack. The ultimate solution, he says, lies in the adoption of a carefully crafted risk-management program, in tandem with detailed contracts with suppliers who might otherwise be conduits to information breaches.