You have read this headline elsewhere today. It may have been another story that you noticed without noticing, perhaps made a ‘tsk’ noise about then moved on, possibly to read about the latest data breach or ransomware outbreak.
The vast majority of businesses in the UK are SMEs. They are a hugely important part of the fabric of UK private sector and we have long known that the variance in cyber preparedness and data protection, is as vast as the types of business they represent. Consider however, that part of our critical national infrastructure (CNI) is also in private hands, not only that but CNI suppliers are private sector and may well include, by even only one degree of separation, any of these SMEs that have no cyber strategies in place.
Consider now that UK CNI supply chain has been under attack, according to NCSC, since at least July 2017 and this becomes a worry for everyone. Because basically our weakest point, those businesses not taking cyber preparedness as seriously as they need to, could actually become routes in to our CNI.
Supply chain assurance is a very important part of any organisation’s security and due diligence on supply chain partners has clearly never been more important. According to The Ponemon Institute’s Sixth Annual Study; Is Your Company Ready for a Big Data Breach, more companies are requiring audits of third party security procedures with 60% now saying they require audits of third party security procedures. Given this high level and growing requirement, it seems like commercial good sense to take hold of cyber security strategy and not be one of the one in three…
Talk to us about Supply Chain Assurance
- Posted by Ellie Hurst
- On 18th March 2019
- 0 Comments