While cybersecurity discussions often focus on networks and enterprises, there is rarely any talk of how vulnerable supply chains are to an IT compromise, according to a private-sector cybersecurity expert.
Speaking at a recent Dubai press conference about the state of cyberspace in the Middle East, Dale W. Meyerrose, vice president and general manager of cyberspace solutions at Harris Corporation, highlighted the need to make cyber a trusted domain and addressed cybersecurity supply-chain problems for both public and private sectors.
Governments and commercial entities are funneling billions into offensive and defensive technology, but few are addressing cyber threats to the supply chain, Meyerrose said.
“Not only is supply-chain security frequently overlooked, but very few companies use cybersecurity products that are equipped to monitor technologies throughout the supply chain from end to end,” he added.
Meyerrose, a retired U.S. Air Force major general, stressed the need for a change in how organizations deal with threats, saying there needs to be more concern about how information can be exploited, stolen or put at risk through a supply-chain compromise.
“We need to tilt the capabilities scale against these increasingly sophisticated attacks because the potential for damage is extremely real,” he added.
Commenting on the motives behind recent cyber attacks on various companies, Meyerrose cited the borderless nature of cyberspace that “doesn’t reflect recognized geography or necessarily organizational predators.”
“Hackers go for cyberspace because there is a lot of money in transactions; it’s where governments and companies keep their information and knowledge that can be exploited,” he said.