CYBER SECURITY – IT INDUSTRY AND SUPPLY CHAIN
Cybersecurity is an important aspect of the IT industry and supply chain. Cybersecurity risks can arise at any point in the life cycle or any link in the supply chain. Cybersecurity in the supply chain is the process of managing and preventing cybersecurity risks for information technology systems, software, and networks that are involved in the supply chain of a business and its vendors.
Cybersecurity risks may include cyber-terrorism, malware, data theft, counterfeits, tampering, and malicious software and hardware. Cybersecurity in the supply chain requires ensuring the integrity, security, quality and resilience of the supply chain and its products and services.
Enterprises today are embracing digital and analytics transformations as never before. Even those that did not expect to embark upon major IT changes have had to adopt fully remote ways of working due to the COVID-9 pandemic. In fast-moving business environments, companies make many necessary IT changes on the fly, with security waivers and risk-mitigation promissory notes issued almost as readily as authorization-to-operate (ATO) certifications. Cyberattacks and corporate spies are having a field day.
They are capitalizing on the disruption, meeting in virtual rooms to engage in advanced persistent mapping of enterprise IT environments and associated vulnerabilities—including the areas of those environments that are reliant on third-party support and capabilities.
To ensure cooperation while providing sufficient protection for all sides, enterprises must bring third parties into the inner circle of their security perimeters. Meanwhile, CIOs and CISOs are being told to scrutinize third parties intensively. On the surface, the two mandates are counterposed. But they do not have to be. The two stances, trust and scrutiny, do not have to be in opposition. In fact, they are most effective when contained in a reciprocal relationship.
CYBER SECURITY – OIL AND GAS, MINING AND MANUFACTURING
The manufacturing and mining and oil and gas industries are vulnerable to cyberattacks. The oil and gas industry uses a variety of complex systems and technologies that are becoming increasingly vulnerable to cyberattacks. To improve the cybersecurity posture of the industry, the World Economic Forum has established the Cyber Resilience in Oil and Gas initiative. Through the Cyber Resilience Pledge, over 20 global CEOs committed to work together to improve cyber resilience across the ecosystem.
The mining and manufacturing industry is also vulnerable to cyberattacks. Cybersecurity risks can arise at any point in the life cycle or any link in the supply chain. The mining industry is particularly vulnerable because it relies heavily on technology and information systems to operate.
These industries rely heavily on large scale wifi communication systems, as well as very large-scale camera surveillance systems, which further increase the risk of cyber-attack ingress, if systems are not properly configured and protected.
To mitigate these risks, companies must act now on cybersecurity. The World Economic Forum’s six cyber resilience principles for oil and gas infrastructure are drawn from the shared real-world experience of leading companies in the oil and gas sector.