Supply Chain Impact On Your Business Stability
There is a lot of focus on advancing online public services and digital ID, and on the exposure to cyber-attack that the UK Government’s plans for these create. They’ve been called a ‘honeypot’ for criminal ‘bees’.
I was therefore very interested to read about the investment of the UK’s Government Cyber Unit to coordinate risk management and incident response across government departments. With £210m earmarked for taking action, the aim of these new measures is to make online public services more secure and resilient, so people can use them with confidence.
Ian Murray (Digital Government Minister) says he wants to “keep people safe, services running, and build a government the public can trust in the digital age.”
Vulnerabilities in Supply Chains
My personal interest was triggered by the reference to supply chains in this announcement. This has a significant impact on my clients, as we are all affected on a day-to-day basis, and not just when using Government online services.
As with many aspects of our worlds, we are only as strong as the weakest link.
In business impact terms, this means our supply chains.
If you look at the recent cyber security breaches at M&S and Jaguar Land Rover, these were caused by their suppliers.
Are we a trusted supplier?
This raises the question, for me, of who may compromise our digital security in our supply chains. And if we look at our clients, are we seen as a security risk to them?
If so, our business stability could be under threat if we don’t have viable, robust and documented cyber security systems in place.
Reducing risk in the supply chain
The new Software Security Ambassador Scheme will help drive adoption of the Software Security Code of Practice – a voluntary project designed to reduce software supply chain attacks and disruption.
Government reports tell us that weaknesses in software can cause severe disruption to supply chains and the essential services we use every day, with more than half (59%) of organisations experiencing software supply chain attacks in the past year.
So what can we do?
My recommendations would be:
- Ensure you have a comprehensive business cyber strategy in place that continuously evaluates your risks, and which defines exactly the measures you have in place to safeguard your business. I would strongly suggest this should include businesses in your supply chain, and what security you expect them to have in place.
- Develop a strong culture of cyber impact awareness in your teams. This will include personalised training and protocols they must adhere to. This will protect them personally as well as your business.
- Check your business insurance for what it says you must have in place. This will ensure your financial position is covered, and guide you to the measures you need to take.
- Invest in the most appropriate and robust technical solutions. These should prevent direct attacks and also cover other areas, such as cyber criminals impersonating you, for example by replicating your email addresses, from which they can reach out to your customers, team, suppliers etc., compromising your financial position, commercial wellbeing and brand reputation.
If you would like help in keeping your business safe, then please get in touch and we can have a conversation to see how we might place our expertise into your business continuity strategy. Simply call 01473 350444 and ask for Colin, or email enquiries@heronit.co.uk.