Are you on road to the Cyber Highway?
It is unlikely that your supply chain is travelling in this direction yet as this initiative was only launched last month in London by Lord David Blunkett, the chairman of Cyber Essentials Direct Limited.
The concept behind this is to help improve a businesses cyber security posture and to provide reassurances in their supply chain which traditionally can present a significant cyber security threat…… an area which businesses often overlook and who have little or no control over.
What is the Cyber Highway?
It is a user friendly on-line portal certification process aimed at large businesses who rely on their supply chains. Cyber Essentials is the certification process that will be utilized. which is a UK Government Scheme that was launched in 2014 to help businesses protect themselves against mainstream cyber attacks. During this process it will also be possible for businesses to monitor the progress of their suppliers in attaining Cyber Essentials accreditation.
Certain Government departments already require their suppliers bidding for contracts to be Cyber Essentials certified. This requirement is likely to become more widespread in other industries in the future as cyber security becomes an increasing focus in the commercial world.
- It is designed for all business sizes
- It is a series of clear self-assessment statements
- The provision of a comprehensive quality assurance frame -work
- A user friendly on-line platform
- A fully integrated and comprehensive cyber security self auditing system
- Provision of a complete range of accessible tools and solutions
Helping the Cyber Landscape
It assists in securing the supply chain of business
It protects the infrastructure of businesses with whom larger companies trade
Post BritExit it is important that British businesses hold a recognized cyber security certification and this will further highlight.
Cyber Claims in the Supply Chain
One of the highest profile cyber claims is that of the Target Corporation which took place in 2013 where cyber criminals infiltrated a third party supplier in order to gain access to Target’s data network. This breach costs Target $61M and had a impact on their profits which fell 46% that year.
Stuxnet is a malicious computer worm that is normally introduced to the supply network via an infected USB flash drive and targets automated process that control machinery on factory lines. There have been a number of reported incidents involving Stuxnet.
On-line retailers is another business sector that can be susceptible to compromises due emanating from a supply chain vulnerability. Home Depot suffered a credit data breach in 2014 which was due to stolen credentials from a third party vendor.
Implications for Cyber Insurance
Cyber insurers are likely to favor the instigation of the Cyber Highway as this represents improved risk management to the supply chain of businesses which currently offers concern to them being an avenue for claims that it presents to hackers and the ability to compromise their computer systems that may lead to a data breach or resulting in cyber crime.