Business Process Compromise (BPC) cyber-attacks are not often covered in the media. Their distant relative — the similarly sounding Business Email Compromise (BEC) — tends to get most of the billing, especially after the FBI branded it the most costly threat of 2018. But the truth is that this broad category of attacks is a major threat to organisations. Last year we revealed that 43% of US and European firms had been impacted by BPC.
Modern organisations are increasingly dependent on their supply chains to meet key business goals. But as partner ecosystems have grown and become more complex, so has cyber risk. Unfortunately, UK firms are still flying blind when it comes to managing this risk. A new Accenture report out this week claims that as many as 70% may be vulnerable to attack because they don’t have enough insight into suppliers.
It’s time organisations treated supply chain security as an urgent priority. That means vetting, auditing and continuously monitoring third parties according to the same high standards as your own company. Continue reading →
The UK’s National Cyber Security Centre (NCSC) has done a fantastic job since it was launched in 2016 of supporting businesses, government agencies and the public in their efforts to become more secure. Most recently this week it launched a new Cyber Accelerator designed to uncover the most talented UK start-ups in the sector — all with the mission of making the UK the safest place in which to live and work online.
At Trend Micro, we might sit at the opposite end of the industry from the start-up community, but we’re right behind the NCSC’s efforts. That’s why we’re showing our support at the CYBERUK event hosted by the NCSC next week, as a networking sponsor. Continue reading →
Critical national infrastructure (CNI) covers a wide variety of industries. But what most have in common is that they run industrial control systems (ICS) and other operational technology (OT). Increasingly, these are being enhanced by new investments in Internet of Things (IoT) systems, in a bid to improve efficiency. The problem is, as these legacy technologies are brought online and integrated with IT systems, they become exposed to new cyber risks, with potentially major repercussions.
A new global study reveals that 90% of CNI providers have suffered damage to their environment as a result of cyber-attacks over the past 24 months. To support business growth and minimise risk, CNI firms need to improve visibility and control in these OT environments. Continue reading →