Training programme explores cyber ‘domino effect’ caused by vulnerable digital supply chain
A business cybersecurity support agency has revised its free resilience training workshops for firms to address the danger of cyber attacks that have a ‘domino effect’ through the digital supply chain.
The Scottish Business Resilience Centre (SBRC) has updated the National Cyber Security Centre’s (NCSC) ‘Exercise in a Box’ programme to include scenarios specific to security breaches involving third-party providers.
According to the SBRC, businesses are increasingly working with more organisations to deliver goods or services to their customers – which may also include the outsourcing of online systems and services.
The not-for-profit organisation also believes a spate of large-scale cyber attacks around the world has highlighted the devastating impact a breach can have on the businesses targeted and the wider supply chain.
The online nature of modern businesses means that digital supply chains are becoming larger and more complex, making it increasingly difficult for companies in the chain to ensure they are protected. This is because they have no way of knowing what cyber processes and procedures others might have.
The new ‘supply chain’ scenario joins ‘ransomware attack’ and ‘working from home’ in the collection of workshops designed to ensure businesses can test their responses to a cyber breach in a safe environment without risk of damages.
In the 90-minute supply chain workshops, attendees will identify how their organisation relies on the security of third-party suppliers and consider how to include minimum security standards in their procurement process.
Specific examples will help attendees test the effectiveness of their solutions and discuss alternative approaches.
Jude McCorry, chief executive of the SBRC, said: “Businesses are relying on third-party suppliers more than ever, creating a ‘digital supply chain’ that intertwines a range of businesses across sectors. The chain has grown to include organisations who provide services such as online tools, cloud-based products, desktop software and hardware.
“Businesses are so entwined that an attack on one company in the chain can have a domino effect and impact many people and businesses. This new scenario will help organisations – whether in the public, private or third sectors – to manage the fallout from a range of cyber attacks, including when they suffer an indirect breach via an external organisation.
“Organisations are under significant stress these days, from cyber attacks to changing work patterns due to the pandemic testing their resilience. To help relieve that stress, the Exercise in a Box workshops focus on specific scenarios to force attendees to really consider how they would react in a variety of situations and learn about others’ thought processes and approaches. It is the safest way to test their resilience and help ensure Scotland is one of the most secure countries to do business.”
The SBRC has been running these classes for business across Scotland since late 2020 and has now trained more than 250 firms.
The SBRC delivers Exercise in a Box workshops virtually to businesses throughout Scotland with input from Police Scotland and other stakeholders. It is hoped that up to 200 business will sign up to attend the sessions over the next nine months.
The programme, which will continue until March 2022, is kicking off again with specific sessions to the supply chain scenario taking place on the following dates:
- Tuesday 27 July
- Thursday 29 July
- Tuesday 17 August
- Thursday 19 August
Further information on Exercise in a Box workshops – which are now being delivered via either Zoom or Microsoft Teams – is available on the SBRC website here.
We need to shout about our successes. Liz Fletcher on celebrating women in biotech
Throughout my career in biotechnology and life sciences, I have seen many women leading ground-breaking research studies in their fields of expertise. Yet, and I include myself in this, we…
Getting the best out of patient data is key to unlocking future health benefits in Scotland
It is important that clinicians’ voices are heard in the consultation around Scotland’s new health and care data strategy, which closes this week (12 August). Busy GPs like myself are the trusted…
How motherhood helped me be a better leader
Consider this an open letter to anyone I have worked with before I became a mother and before I fully understood how being a parent is actually a prized asset…
‘We cannot achieve our goals without entrepreneurs’ – Kate Forbes on vision for new ‘tech scaler’ network
From the very start of my ministerial career, I have had responsibility for the Scottish tech sector – and I can still say what I have said from the start,…
Finding a role in cyber was ‘tough’ for Cheryl Torano. Now she’s determined to help other women join an under-represented industry
When I decided to upskill to change careers at the age of 30 and dive into the digital world, I knew I would be starting out at the bottom of…
Why innovation and marketing are the perfect partners to make changes that matter￼
With the rapid evolution of traditional marketing and the appearance of digital marketing, technology and innovation has become part of any marketer’s life without the need of working for a…
Transitioning to a four-day week – CEO’s vow to strike a healthier balance in the workplace
I came to Scotland nearly 20 years ago from Ireland, with no contacts but a lot of determination. While Ireland will always be my home, Scotland has given me amazing…
Women Lead: The female-led company championing intuitive working
Over the last two years, the pandemic forced a shift to more remote and flexible working practices. Whilst we might be seeing a “return to normal”, some companies are choosing…