{"id":94957,"date":"2022-10-18T11:09:04","date_gmt":"2022-10-18T10:09:04","guid":{"rendered":"https:\/\/www.commercialriskonline.com\/?p=94957"},"modified":"2022-12-14T08:04:16","modified_gmt":"2022-12-14T08:04:16","slug":"governments-strengthening-cyber-defences","status":"publish","type":"post","link":"https:\/\/www.commercialriskonline.com\/governments-strengthening-cyber-defences\/","title":{"rendered":"Governments strengthening cyber defences"},"content":{"rendered":"
The UK and French governments, and the EU, are ramping up their efforts to upgrade cyber resilience within businesses, not least in the increasingly vulnerable area of supply chain. Adrian Ladbury reports on the fast-evolving cyber security landscape.<\/em><\/p>\n The UK\u2019s National Cyber Security Centre (NCSC), part of GCHQ, the UK\u2019s central intelligence and security organisation, has issued new cybersecurity guidance in response to a growing trend in supply chain attacks. <\/p>\n The latest guidance issued by NCSC advises organisations to work with suppliers to identify weaknesses and boost resilience.<\/p>\n This forms part of a wider \u00a32.6bn National Cyber Strategy project led by the Department for Digital, Media, Culture & Sport to ramp up the UK\u2019s cyber resilience effort, including new legislation planned by the end of November.<\/p>\n The UK\u2019s effort on cyber comes as the French government considers a new cyber bill that, among other measures, is proposing that ransomware payments will be insurable.<\/p>\n And late last month, the European Commission (EC) introduced its proposal for a new Cyber Resilience Act to protect consumers and businesses from products with inadequate security features.<\/p>\n Cybercriminals will not be quaking in their boots but it\u2019s good to see concrete steps being taken at national and pan-European level.<\/p>\n UK guidance<\/strong> It said that cybersecurity experts have issued a fresh warning about the threat of supply chain attacks following a rise in the number of incidents, and the NCSC is urging UK firms to step up their efforts in this increasingly critical area.<\/p>\n The NCSC said the new guidance is designed to help medium-sized and larger organisations effectively assess the cyber risks of working with suppliers and gain assurance that mitigations are in place.<\/p>\n Supply chain attacks can cause far-reaching and costly disruptions, yet the latest government data shows just over one in ten businesses (13%) review the risks posed by their immediate suppliers, while the proportion for the wider supply chain is just 7%.<\/p>\n Ian McCormack, NCSC deputy director for government cyber resilience, said: \u201cSupply chain attacks are a major cyber threat facing organisations, and incidents can have a profound, long-lasting impact on businesses and customers.<\/p>\n \u201cWith incidents on the rise, it is vital organisations work with their suppliers to identify supply chain risks and ensure appropriate security measures are in place.<\/p>\n \u201cOur new guidance will help organisations put this into practice so they can assess their supply chain\u2019s security and gain confidence that they are working with suppliers securely.\u201d<\/p>\n Minister of state for media, data, and digital infrastructure, Julia Lopez, said: \u201cUK organisations of all sizes are increasingly reliant on a range of IT services to run their business, so it\u2019s vital these technologies are secure.<\/p>\n \u201cI urge businesses to follow this expert guidance from our world-leading National Cyber Security Centre. It will help firms protect themselves and their customers from damaging cyberattacks by strengthening cybersecurity right across their supply chains.\u201d<\/p>\n
\nThe UK NCSC\u2019s latest guidance comes as it reported that based on its research, just over one in ten firms currently review the risks posed by immediate suppliers.<\/p>\n