Skip to content
NGTEdu Logo

NGTEdu

A PRODUCT OF NGTECH.CO.IN

NGTEdu Logo

NGTEdu

  • Home
  • Cyber Attacks
  • Malware
  • Vulnerabilities
  • Data Breach
  • Home
  • Cyber Attacks
  • The UK pushes for better supply chain cybersecurity
  • Cyber Attacks
  • Data Breach
  • Malware

The UK pushes for better supply chain cybersecurity

4 years ago Graham Cluley
The UK pushes for better supply chain cybersecurity

If the UK Government gets its way, IT service vendors and other cloud-based service providers may soon be required to adopt new measures to strengthen their cybersecurity, amid rising concerns about supply chain risks.

The Department for Digital, Culture, Media and Sport (DCMS) has floated plans to make mandatory compliance with the National Cyber Security Centre’s Cyber Assessment Framework, which provides guidance for organisations responsible for vitally important services and activities.

In a press release, the government department claimed that businesses recognise that cybersecurity is a priority, but that “action lags behind”.

That damning assessment of the state of security, comes as newly published research reveals that the majority of Britain’s top business bosses (91 per cent, up from 84 per cent in 2020) see cyber threats as “a high or very high risk to their business”, but nearly a third of leading firms admitting that they are not taking action on supply chain cyber security, with only 69 per cent saying their organisation actively manages cyber-related supply chain risks.

This week the UK government responded publicly to the findings:

“…the Government recognises the close interaction and the frequent business model overlaps between digital technology providers such as managed service providers, cloud service providers and some software vendors. All of these types of suppliers are endemic third party providers of digital technology services and are an indispensable part of UK and global supply chains. The government therefore agrees that any future policy should consider this broader range of digital technology providers, moving away from an exclusive focus on managed services.”

“As more and more organisations do business online and use a range of IT services to power their services, we must make sure their networks and technology are secure,” said Digital infrastructure minister Julia Lopez. “Today we are taking the next steps in our mission to help firms strengthen their cyber security and encouraging firms across the UK to follow the advice and guidance from the National Cyber Security Centre to secure their businesses’ digital footprint and protect their sensitive data.”

Recent attacks such as the one in early July involving IT service firm Kaseya, where ransomware was delivered to hundreds – if not thousands – of companies just as they were closing down for the Independence Day holiday weekend, have underlined the importance of making supply chain attacks more difficult for cybercriminals.

At the time, Tim Erlin, VP of product management and strategy at Tripwire, told the media that “No one should be surprised when a successful attack methodology is repeated, but we should aim to make these types of supply chain attacks harder to execute and incrementally less successful.”

A review of current legislation in the UK is underway, and a new national strategy for cybersecurity is due to be launched before the end of the year. Only time will tell how successful it will be in helping businesses secure their systems and better protect their sensitive data.

Editor’s Note: The opinions expressed in this guest author article are solely those of the contributor, and do not necessarily reflect those of Tripwire, Inc.

The post ” The UK pushes for better supply chain cybersecurity” appeared first on TripWire

Source:TripWire – Graham Cluley

Tags: Cloud, Goverment, High Severity, Malware, Ransomware, TripWire

Continue Reading

Previous Spear-Phishing Campaign Exploits Glitch Platform to Steal Credentials
Next FBI: FatPipe VPN Zero-Day Exploited by APT for 6 Months

More Stories

  • Critical Vulnerability
  • Cyber Attacks
  • Data Breach
  • Malware
  • Vulnerabilities

China-Linked DKnife AitM Framework Targets Routers for Traffic Hijacking, Malware Delivery

21 hours ago [email protected] (The Hacker News)
  • Cyber Attacks
  • Data Breach
  • Vulnerabilities

CISA Orders Removal of Unsupported Edge Devices to Reduce Federal Network Risk

22 hours ago [email protected] (The Hacker News)
  • Critical Vulnerability
  • Cyber Attacks
  • Data Breach
  • Malware
  • Vulnerabilities

Asian State-Backed Group TGR-STA-1030 Breaches 70 Government, Infrastructure Entities

24 hours ago [email protected] (The Hacker News)
  • Cyber Attacks
  • Data Breach

How Samsung Knox Helps Stop Your Network Security Breach

1 day ago [email protected] (The Hacker News)
  • Cyber Attacks
  • Data Breach
  • Malware
  • Vulnerabilities

Compromised dYdX npm and PyPI Packages Deliver Wallet Stealers and RAT Malware

1 day ago [email protected] (The Hacker News)
  • Critical Vulnerability
  • Data Breach
  • Vulnerabilities

Claude Opus 4.6 Finds 500+ High-Severity Flaws Across Major Open-Source Libraries

1 day ago [email protected] (The Hacker News)

Recent Posts

  • China-Linked DKnife AitM Framework Targets Routers for Traffic Hijacking, Malware Delivery
  • CISA Orders Removal of Unsupported Edge Devices to Reduce Federal Network Risk
  • Asian State-Backed Group TGR-STA-1030 Breaches 70 Government, Infrastructure Entities
  • How Samsung Knox Helps Stop Your Network Security Breach
  • Compromised dYdX npm and PyPI Packages Deliver Wallet Stealers and RAT Malware

Tags

Android APT Bug CERT Cloud Compliance Coronavirus COVID-19 Critical Severity Encryption Exploit Facebook Finance Google Google Chrome Goverment Hacker Hacker News High Severity Instagram iPhone Java Linux Low Severity Malware Medium Severity Microsoft Moderate Severity Mozzila Firefox Oracle Patch Tuesday Phishing Privacy QuickHeal Ransomware RAT Sim The Hacker News Threatpost TikTok TripWire VMWARE Vulnerability Whatsapp Zoom
Copyright © 2020 All rights reserved | NGTEdu.com
This website uses cookies to improve your experience. We'll assume you're ok with this, but you can opt-out if you wish. Read More here.Cookie settingsACCEPT
Privacy & Cookies Policy

Privacy Overview

This website uses cookies to improve your experience while you navigate through the website. Out of these cookies, the cookies that are categorized as necessary are stored on your browser as they are essential for the working of basic functionalities of the website. We also use third-party cookies that help us analyze and understand how you use this website. These cookies will be stored in your browser only with your consent. You also have the option to opt-out of these cookies. But opting out of some of these cookies may have an effect on your browsing experience.
Necessary
Always Enabled
Necessary cookies are absolutely essential for the website to function properly. This category only includes cookies that ensures basic functionalities and security features of the website. These cookies do not store any personal information.
Non-necessary
Any cookies that may not be particularly necessary for the website to function and is used specifically to collect user personal data via analytics, ads, other embedded contents are termed as non-necessary cookies. It is mandatory to procure user consent prior to running these cookies on your website.
SAVE & ACCEPT