BACKGROUND:
In light of the recent events, such as the Florida water hacker and the JBS ransomware attack, we are starting to see critical infrastructure become a lucrative target for cyber criminals – as they look to capitalise and make maximum impact.
In addition, this is combined with the fact that we are also seeing supply chain attacks high on the agenda. They are growing in popularity, with criminals able to infiltrate and hold hostage multiple organisations through one attack. SolarWinds and the recent Kaseya attack acting as pivotal examples.
<p>The reported data breach affecting Spreadshirt, Spreadshop, and TeamShirts emphasizes just how important it is for clothing and retail vendors to protect customer data effectively. These industries thrive on online transactions, which also requires them to collect sensitive PII that threat actors are always targeting. Yes, it’s good to encourage that users have strong passwords and to change them from time to time, but these companies also need to carry out the due diligence to protect the data they have already collected and processed. Keeping it secure behind a perimeter is one thing, but applying data-centric security like tokenization, which replaces sensitive data elements with innocuous tokens, helps to mitigate situations like these when data breaches actually occur. Even if hackers get their hands on tokenized sensitive data, they can’t do anything with it and thus it becomes worthless (and protects data subjects from potentially catastrophic consequences). The investment for organizations into data-centric security is a much better scenario than losing their shirts on the fallout from a data breach.</p>
<p>Supply chain attacks” are high on the agenda at the moment with SolarWinds and the Kaseya ransomware attack, but it’s a literal attack on a crucial supply chain that’s going to make the biggest impact. </p>
<p>With the nation’s revised food strategy expected later this month, the UK government now has a chance to rethink and redesign its policy on supply chain security. Increasing reliance on digital tools means cyber attacks are as much of a threat to the food supply chain as any physical disturbance. It’s inevitable that vulnerabilities will occur that could lead to such an attack. The government needs to encourage and provide a continuous solution for the supply chain to find and fix those vulnerabilities before they can be exploited.</p>