It has been more than a year since the Biden Administration issued a national security memo and executive order to fight cybersecurity threats to the United States supply chain.
The Russia-Ukraine conflict is exposing an alarming number of new threats. Russian cyberattacks have always crossed over borders, and there has already been a wave of cyberattacks against the Ukrainian government.
Kenny Natiss explains that such cyberattacks can be felt in America through disrupting lines of shipping, stealing company data through malware, and paralyzing trade logistics.
The White House recently outlined the threat against the United States chip industry as retaliation for issuing sanctions and curbing exports from Russia. Semiconductor manufacturers often rely on materials sourced from Russia and Ukraine, including palladium and neon.
Russia also exports everything from jet engines and medicines to cars and agricultural goods.
It’s no wonder then that people are describing the Russia-Ukraine conflicts as “the most acute” cybersecurity risk the United States has faced. How can we address and neutralize such risks?
Experts agree that it’s time to rethink United States cybersecurity measures to protect the vital supply chain — and plan for future attacks.
The Focus on Strengthening Security
Cybersecurity threats against supply chains are nothing new, but as they become more prevalent and sophisticated, security measures against them need to evolve, too.
There are a few basic enhanced security measures to take right now to protect your supply chain, according to Forbes.
There should be a minimum baseline for security for your third-party vendors, which include customer service and cloud providers, customer data should be strongly protected and credentials to access information should be strengthened and coming up with a plan to review security measures on a regular basis.
Such attention to cybersecurity is vital, especially since government officials continue to worry about the threat of hackers from Russia targeting key companies in the United States and Europe directly as payback for economic sanctions.
Once everyone at a company is on the same page as far as an enhanced security protocol, they should also work together during an actual attack. Cybersecurity agents should be alerted immediately if there is an identified threat, and everyone should know how to quickly remove system threats.
Help For the Public
The escalating threats against the supply chain are so alarming that many companies are creating and sharing software security approaches with the masses.
One example is the Advisory Database created by GitHub, which specializes in software development. Through its Advisory Database, anyone can add information to highlight supply chain security issues and risks related to software.
Such data sharing is vital to supply chain security, says GitHub, which notes that information sharing that is accurate and consistent can go a long way to effectively pushing back against a range of cybersecurity threats.
In a recent survey, about 72% of companies said their No. 1 concern was cybersecurity threats. However, just about 33% said there are plentiful internal resources provided to respond to the threats.
That fact makes programs like the Advisory Database especially valuable, especially in the wake of an uncertain future for Russia and Ukraine.