Cybersecurity experts have issued a fresh warning over the threat of supply chain attacks following a rise in the number of incidents.
The National Cyber Security Centre (NCSC) – a part of GCHQ – has published new guidance to help organisations effectively assess and gain confidence in the cybersecurity of their supply chains.
It follows a significant increase in cyberattacks resulting from vulnerabilities within supply chains in recent years, including some high-profile incidents such as the SolarWinds attack.
The new guidance is designed to help medium and larger organisations effectively assess the cyber-risks of working with suppliers and gain assurance that mitigations are in place.
Supply chain attacks can cause far-reaching and costly disruption, yet the latest government data shows that just over one in 10 businesses (13%) review the risks posed by their immediate suppliers, and the proportion that do so for the wider supply chain is just 7%.
Ian McCormack, NCSC Deputy Director for Government Cyber Resilience, said: “Supply chain attacks are a major cyberthreat facing organisations and incidents can have a profound, long-lasting impact on businesses and customers.
“With incidents on the rise, it is vital organisations work with their suppliers to identify supply chain risks and ensure appropriate security measures are in place.
“Our new guidance will help organisations put this into practice so they can assess their supply chain’s security and gain confidence that they are working with suppliers securely.”