One Article Review
| Source |  AlienVault Lab Blog |
|---|---|
| Identifiant | 8369852 |
| Date de publication | 2023-08-14 10:00:00 (vue: 2023-08-14 10:06:34) |
| Titre | Construire la cybersécurité dans la chaîne d'approvisionnement est essentiel à mesure que les menaces montent Building Cybersecurity into the supply chain is essential as threats mount |
| Texte | The content of this post is solely the responsibility of the author. AT&T does not adopt or endorse any of the views, positions, or information provided by the author in this article. The supply chain, already fragile in the USA, is at severe and significant risk of damage by cyberattacks. According to research analyzed by Forbes, supply chain attacks now account for a huge 62% of all commercial attacks, a clear indication of the scale of the challenge faced by the supply chain and the logistics industry as a whole. There are solutions out there, however, and the most simple of these concerns a simple upskilling of supply chain professionals to be aware of cybersecurity systems and threats. In an industry dominated by the need for trust, this is something that perhaps can come naturally for the supply chain. Building trust and awareness At the heart of a successful supply chain relationship is trust between partners. Building that trust, and securing high quality business partners, relies on a few factors. Cybersecurity experts and responsible officers will see some familiarity - due diligence, scrutiny over figures, and continuous monitoring. In simple terms, an effective framework of checking and rechecking work, monitored for compliance on all sides. These factors are a key part of new federal cybersecurity rules, according to news agency Reuters. Among other measures are a requirement for companies to have rigorous control over system patching, and measures that would require cloud hosted services to identify foreign customers. These are simple but important steps, and give a hint to supply chain businesses as to what they should be doing; putting in measures to monitor, control, and enact compliance on cybersecurity threats. That being said, it can be the case that the software isn’t in place within individual businesses to ensure that level of control. The right tools, and the right personnel, is also essential. The importance of software Back in April, the UK’s National Cyber Security Centre released details of specific threats made by Russian actors against business infrastructure in the USA and UK. Highlighted in this were specific weaknesses in business systems, and that includes in hardware and software used by millions of businesses worldwide. The message is simple - even industry standard software and devices have their problems, and businesses have to keep track of that. There are two arms to ensure this is completed. Firstly, the business should have a cybersecurity officer in place whose role it is to monitor current measures and ensure they are kept up to date. Secondly, budget and time must be allocated at an executive level firstly to promote networking between the business and cybersecurity firms, and between partner businesses to ensure that even cybersecurity measures are implemented across the chain. Utilizing AI There is something of a digital arms race when it comes to artificial intelligence. As ZDNet notes, the lack of clear regulation is providing a lot of leeway for malicious actors to innovate, but for businesses to act, too. While regulations are now coming in, it remains that there is a clear role for AI in prevention. According t |
| Envoyé | Oui |
| Condensat | of according across act actions actors adopt against agency ai to all allocated already also among analyzed and securing any april are arms arrives article artificial assurance at&t attacks author aware awareness back balance become being benefit between budget building business businesses but can case caught centre chain challenge checking clear cloud come comes coming commercial companies completed compliance concerns content continuous control current customers cyber cyberattacks cybersecurity damage data date defensive deploy details devices different digital diligence does doing; putting dominated dots due ecosystem effective enable enact endorse ensure essential even example executive expert experts faced factors familiarity faster federal fighting figures firms firstly forbes foreign forward fragile framework from give government guidelines hardware have heart here high highlighted hint hosted however huge humans hunters are identify implemented importance important includes indication individual industry influencing information infrastructure in innovate inroads intelligence interviewed involving isn’t join keep kept key lack large leeway legality level logistics look lot make malicious many measures message millions models monitor monitored monitoring more most mount must national naturally need needing network networking new news not notes now now account number of cybersecurity officer officers oriented other out over overwhelming own part partner partners patches patching patterns perhaps personnel place positions post potentially powerful prevention proactive problems process professionals profile promote provide provided providing quality race race; rechecking regulation regulations regulatory relationship released relies remains reports require requirement research resilience responsibility responsible reuters right rigorous risk role rules russian safety said same scale scrutiny secondly security see serious services sets severe should sides significant simple situation software solely solutions some something sophisticated specific stand standard stay step steps struggle successful supply system systems take terms than then these threat threats threats made time too tools track trust two uk’s unusual upset upskilling usa used using utilizing views weaknesses weapons what when where whole whose wider wildcards will willing within work worldwide would zdnet |
| Tags | Threat Cloud |
| Stories | APT 28 ChatGPT |
| Notes | ★★ |
| Move | 
|
L'article ne semble pas avoir été repris aprés sa publication.
L'article ne semble pas avoir été repris sur un précédent.