IT Brief UK - Technology news for CIOs & IT decision-makers
Story image
Businesses challenged by supply chain cybersecurity threats
Thu, 21st Dec 2023

Supply chain threats remain a significant risk to the U.K., with 97% of organisations surveyed by cybersecurity firm BlueVoyant, revealing they endured negative impacts from a breach in a third-party or supplier partner during the past year. This figure has ominously persisted for the past three years according to the research by BlueVoyant's Supply Chain Defence.

Lorri Janssen-Anessi, Director, External Cybersecurity Assessments, warned that the insecurity of a company’s supply chain is the number one vector for exploiting the company. She went onto add, "The predominance of attacks over the past year targeted the security of products used, services provided, and relationships between a company and its supply chain vendors. Single companies are suffering multiple attacks if they fail to secure their environments and mitigate vulnerabilities."

Focusing on the future of artificial intelligence (AI), Mona Ghadiri, Senior Director of Product Management, believes that the path forward lies in getting past initial AI hype. She says, "While many will say it's overkill because we see it in the headlines every day, the truth is we just need to get past the initial hype phase. As we approach 2024 and continue to the next phases of the AI movement, it's interesting to think about how we build teams to design AI."

According to Ghadiri, as AI evolves, it will attract good and bad actors alike. She further adds, "As AI has become more profitable, there has been a shift of mindset using AI for financial goals and ethical use cases. Whose job is it to make this secure, yet also ethical? As you become more profitable, everybody is reading about it, both good guys and bad guys. This makes AI very lucrative."

Ben Beeson, Vice President, BlueVoyant, comments on the future of cyber insurance: "In 2024, the insurance industry will continue its investment in better data, technology, and people to support its ability to accurately model and underwrite cyber risk." He predicts that the debate around the role of federal governments in backstopping the insurance market against major systemic cyber events will gather pace, considering the "significant risk to national economies and critical infrastructure."

Preparing for supply chain threats in twelve months time, Janssen-Anessi underlines the critical need to be proactive, insisting companies should understand their extended digital supply chain, monitor their digital supply chain continuously and work with third parties to remediate issues. She believes that "organisations must prioritise securing their supply chains to counter these threats effectively."

Janssen-Anessi's prescription for supply chain security in 2024 also includes advice on diversifying suppliers, continuous assessment of geopolitical and economic risks, regionalisation, ensuring regulatory compliance, and comprehensive contingency planning. "Remember that diversifying your supply chain is complex and a long-term process. It requires careful planning and risk assessment," she concluded.