The COVID-19 pandemic has caused significant disruptions in the supply chain of various industries, from a shortage of shipping containers and rail congestion to a shift in consumer habits.
At a webinar, Jeff Jorge, a principal and leader of international services at global advisory firm Baker Tilly, said that such challenges altogether place the aftermarket services industry in a tight spot, Auto Service World reports.
Aside from the global health crisis, cyber threats continue to plague the supply chain as proven in the 2020 SolarWinds hack that compromised the software vendor’s government and enterprise customers.
Jon Boyens, deputy chief of the National Institute of Standards and Technology’s computer division, told a recent panel discussion hosted by the National Cybersecurity Center of Excellence that supply chain risks are usually present in the same products and services organizations use.
In the power grid sector, utility companies and government officials are encouraged to shift their focus to cybersecurity, as remote work and distributed networks will have to remain for now.
Tony Cole, chief technology officer at Attivo Networks, wrote in a Nextgov guest piece that utility companies looking to strengthen their defenses could begin by reviewing resources such as MITRE ATT&CK and MITRE Shield.
“Both freely available knowledge bases … help defenders better understand the adversaries they face and what defenses they should put in place to counter them,” Cole said.
Cole noted that misuse of privileged access rights contributes to 80 percent of all known breaches in security. “Utilities must rethink the way they protect identities, credentials and high-value assets.”
In Congress, some lawmakers are pushing companies that manage critical infrastructures such as banks, oil, gas, technology and utilities to report cyberattacks to federal officials, Roll Call reports.
Reps. Yvette Clarke, D-N.Y., and John Katko, R-N.Y., proposed a bill that would authorize CISA to require various sectors to report security breaches within 72 hours.
Ron Bushar, chief technology officer of Mandiant’s global government business, noted that the voluntary approach of reporting has reached its limit because while it gave the government some idea of the ongoing incidents, “it’s not enough anymore.”
ExecutiveBiz will be hosting a virtual event that will bring together industry cybersecurity experts to discuss the SolarWinds cyber hack, its implications and how organizations plan to move forward from the historic and unprecedented attack.
The “Supply Chain Cybersecurity: Revelations and Innovations” forum is scheduled to happen on Oct. 26 at 9 a.m. ET and will feature Bushar, Cole and Jorge as speakers.