Cybersecurity is difficult to get right. On the one hand, CISOs are very much impacted by a highly volatile threat landscape. The tools, tactics and techniques used by cyber-criminals to attack their organisation evolve fast to exploit newly found weaknesses and take advantage of wider trends. The recent spike in crypto-jacking, for example, came about only after the value of digital currencies soared. Yet on the other hand, security leaders must be more measured. Only by stepping back and taking a more considered view of the industry untroubled by immediate threats can strategic, longer term decisions be made in the best interests of the business.
Modern organisations are increasingly dependent on their supply chains to meet key business goals. But as partner ecosystems have grown and become more complex, so has cyber risk. Unfortunately, UK firms are still flying blind when it comes to managing this risk. A new Accenture report out this week claims that as many as 70% may be vulnerable to attack because they don’t have enough insight into suppliers.
It’s time organisations treated supply chain security as an urgent priority. That means vetting, auditing and continuously monitoring third parties according to the same high standards as your own company. Continue reading →
The UK’s National Cyber Security Centre (NCSC) has done a fantastic job since it was launched in 2016 of supporting businesses, government agencies and the public in their efforts to become more secure. Most recently this week it launched a new Cyber Accelerator designed to uncover the most talented UK start-ups in the sector — all with the mission of making the UK the safest place in which to live and work online.
At Trend Micro, we might sit at the opposite end of the industry from the start-up community, but we’re right behind the NCSC’s efforts. That’s why we’re showing our support at the CYBERUK event hosted by the NCSC next week, as a networking sponsor. Continue reading →
Critical national infrastructure (CNI) covers a wide variety of industries. But what most have in common is that they run industrial control systems (ICS) and other operational technology (OT). Increasingly, these are being enhanced by new investments in Internet of Things (IoT) systems, in a bid to improve efficiency. The problem is, as these legacy technologies are brought online and integrated with IT systems, they become exposed to new cyber risks, with potentially major repercussions.
A new global study reveals that 90% of CNI providers have suffered damage to their environment as a result of cyber-attacks over the past 24 months. To support business growth and minimise risk, CNI firms need to improve visibility and control in these OT environments. Continue reading →