Co-authored by: Syam Thommandru
In a monumental move toward greater organizational safety, the US government’s recent Cybersecurity Executive Order marks a major paradigm shift in the battle against digital threats. It not only indicates the critical importance of cybersecurity for organizational and national security, but is an essential step toward safeguarding critical enterprises and infrastructure in an increasingly dangerous digital landscape.
By deploying a standardized playbook for federal response to cyber incidents, this order will allow the government to upgrade and secure cloud services and other cyber infrastructure. The establishment of a “Cybersecurity Safety Review Board”, comprising public and private sector officials, will ensure a multifaceted analysis of cyberattacks and provide recommendations in a timely manner. Furthermore, the order fosters a spirit of cooperation and data-sharing within the government and with external corporate entities for a wider, end-to-end detection and response system.
As the order slowly makes itself felt across the cybersecurity ecosystem, companies will see the benefits unfold in a significant manner, driving secure enterprise operations to become a key differentiator. Some of these benefits include more secure software design and resilient supply chains, along with a greater emphasis on easy-to-secure digital technologies (cloud, MFA everywhere, incident tracking, SaaS etc.).
With a greater focus on developing standardized requirements with government and business collaboration, we can expect to see more returns from security investments – a winning prospect that simply cannot be ignored. However, this is merely the first step on a long journey to build resilient supply chains under the shadow of digital threats.
Securing our Supply Chains – The Need and the Challenges
The Colonial Pipeline and JBS incidents are only the latest examples of criminal organizations exploiting vulnerabilities in cybersecurity to gain access to critical data and communications and to cause catastrophic damage to global supply chains. Already facing disruption due to the global pandemic and seeing increases in digital ops, supply chains were ripe for the picking – allowing opportunistic cyber criminals to exploit system vulnerabilities, leading to a crippling fallout. With these threats remaining ever present and growing increasingly complex in the age of global interconnectivity, a radical change was not only necessary but critical in securing the future.
While industries are building veritable cybersecurity fortresses to protect their data, the supply chains themselves remain at risk. From manufacturers to partners, service providers and suppliers, these critical touchpoints are the most susceptible, with over 80% of all recorded security breaches occurring at some point in the supply-chain network. A lack of governance and control over these individual sections of the supply chain contributes heavily to this state of affairs, and cyber criminals are constantly monitoring these areas for weaknesses to exploit.
The supply chain is only as strong as its weakest link. With this in mind, various industries face their own unique challenges when it comes to ensuring supply chain cybersecurity for their assets, particularly in the wake of the COVID-19 pandemic:
- Retail
Malware, ransomware, phishing attacks, and other cyber threats have been the bane of the retail industry for many years. As the digital expansion continues to grow in the wake of expanded remote operations, the financial and personal information that retailers have always dealt with has become a tempting target for cyber criminals. With online purchases on the rise, and the flow of data for retailers increasing dramatically, an information leak could cause irreparable harm to the brand reputation of any respectable retail outlet. This sudden change in network topology, therefore, has been one of the greatest challenges faced by the industry.
- Energy and Natural Resources (Oil & Gas)
The recent Colonial Pipeline hack has been a sobering wake-up call for the energy and natural resources sector. The sheer vulnerability of critical infrastructure has been laid bare, and has even led to government initiatives on regulating cybersecurity for it. The intense pressure to integrate with the digital revolution in recent years has also opened the sector up to a whole new threat intelligence landscape. The tools that were used to help the industry run efficiently through remote operations are vulnerable enough to be exploited by cyber criminals. Malware and IT/OT integrations continue to be top risks for the industry as it tries to build a secure foothold on the digital frontier.
- Healthcare and Life Sciences
Striving to keep pace with the increased global demands brought by COVID-19, the healthcare sector supply chains have been more taxed than ever before in recent years. This overextended and high-risk supply chain in particular requires multiple layers of security to stave off cybercriminals that can cause cargo theft, temperature malfunctions, counterfeiting, and other crippling risks. Logistical issues in particular, fostered by increasingly complex supply chains and a growing number of exchange points, have opened up multiple endpoints ripe for exploitation. For an industry that is more time-sensitive than most, with truly life-or-death consequences, maintaining cybersecurity hygiene across endpoints and third-party contractors is the greatest challenge.
- Manufacturing
For the manufacturing sector, a spate of new techniques and tactics utilized by cyber criminals has ravaged the industry. As per a 2020 report, this sector is one of the most targeted industries for malicious browser breaches, accounting for over 38.6% of all global attacks. Phishing-based attacks are the largest risk for the manufacturing sector, and when paired with a lack of security awareness and employee negligence, the threat only doubles in size and scope. Monitoring these threats across shadow IT devices and all endpoints is a great challenge for the industry.
Perspectives on addressing Supply Chain Security
HCL offers holistic offerings integrated with Microsoft security products that encompass the full breadth of supply chain security, both on-premises and in the cloud. Merging the perspectives of HCL and Microsoft, along with their dedication to providing customers with a definitive supply chain management strategy, has led to positive results for all stakeholders involved.
For example, in the case of a global company engaged in the development, manufacturing, and sales of anatomical pathology solutions, the need of the hour was to migrate from their existing ArcSight system to a more cloud-native threat analytics platform. HCL designed the Azure Sentinel solution for the company along with complete integration of their systems, which streamlined the collection of security and application logs. This allowed the company to adopt more cloud-led solutions and facilitated a tighter integration of the complete infrastructure, leading to more stringent cybersecurity across its endpoints.
HCL combines its best-in-class CSFC Fusion platform with the Azure Sentinel solution to deliver future-focused threat intelligence and security analytics services across the enterprise environment. The two solutions merge to enable granular visibility into the threat intelligence landscape across multi-cloud or hybrid environments. This ensures accurate detection, response, and proactive hunting down of all the threats in real time. The objective is to effectively manage IT security through monitoring, threat identification, timely incident alerts, and response recommendations and support. This not only minimizes cyber risk, but also improves the business’s operational efficiency.
Similarly, in the case of an energy service provider that needed a new and improved security solution, the Microsoft Defender for O365 Protection Center was implemented to provide robust cloud services. The comprehensive slate of prevention, detection, and reactive elements gave the energy company zero-day security and helped reinforce the trust of the energy service provider’s clients.
HCL delivers its cutting-edge end-user security provisioning through its Fusion Endpoint Detection and Response (FEDR) service, which is powered by Microsoft Defender for Endpoint. The solution provides round-the-clock malware detection monitoring and proactive hunts for emerging indicators of compromise (IoCs). It also detects stealthy threats, issues notifications about them, and recommends appropriate responses through its CSFC platform. Its approach is three-pronged, encompassing detection, quick response, and investigation. Businesses are able to comprehensively secure endpoints through early threat identification, attack surface reduction by built-in policies, automated investigation, and fast incident remediation.
Supply chain resilience will continue to be the need of the hour as long as supply chains continue to evolve and grow more complex. But as long as service providers are on the ball and ready to develop new solutions to address these needs, and leaders are willing to implement them, the sinister shadow of cybercrime will no longer be the menace.