NIST Update Supply Chain Guidance

By   ISBuzz Team
Writer , Information Security Buzz | May 06, 2022 04:02 am PST

This morning the National Institute of Standards and Technology released new guidance on securing the supply chain against cyber-attacks.

In response, please see below comments from cybersecurity expert who outlines the positive nature of this NIST guidance, exploring how supply chain attacks are becoming increasingly popular targets, and why it is more critical than ever to manage the cybersecurity of the supply chain.

Notify of
1 Expert Comment
Oldest Most Voted
Inline Feedbacks
View all comments
Trevor Dearing
Trevor Dearing , EMEA Director of Critical Infrastructure
May 6, 2022 12:02 pm

It is encouraging to see NIST releasing updated guidance acknowledging the increase in cyberattacks targeting the supply chain and the consequent necessity to bolster the supply chain’s cybersecurity.

We can no longer turn a blind eye to the exponential increase in attacks on the IT systems of manufacturers, logistics companies and organisations, that ultimately target the operational part of the business. The truth is threat actors have realised they can increase efficiency and profitability by compromising a single product knowing it will have impact downstream on companies who use it.

Moreover, attacks that disrupt the logistics or manufacturing process can have immediate real-world impacts, further increasing the likelihood any ransom demands will be met as organisations flounder to get critical systems back up and running. The result is that supply chain attacks have increased with a vengeance. 

A Zero Trust approach to security provides organisations with confidence in their supply chain security, because by only allowing known and verified communication between environments, security teams can be sure that an attack on the IT systems will not affect the management or logistics processes. With the move to industry 4.0 and the adoption of cloud connected industrial IoT, the potential impact of a ransomware attack will only continue to grow. That’s why it is important to act now and put security measures in place that will make our infrastructure resilient to attacks – even once they’ve breached our perimeter.

Last edited 1 year ago by Trevor Dearing

Recent Posts

Would love your thoughts, please comment.x