Key insights from the Supply Chain Resilience Webinar 

The Cybersecurity Business Network (CBN) was delighted to host a webinar on supply chain resilience. Developed in response to the recent global IT outage, which exposed how reliance on only a few key suppliers can weaken critical systems, the webinar explored how businesses and policymakers can address a growing issue: a lack of diversification in IT supply chains can increase the risk of major outages. The webinar brought together experts from cybersecurity, healthcare and academia to discuss ways to strengthen supply chain resilience and manage these risks. Below are some key takeaways from the event.

Dr. Melanie Garson, Cyber and Tech Geopolitics Lead at the Tony Blair Institute, opened the discussion by examining the global geopolitical landscape’s impact on supply chains. She emphasised the rising uncertainty and the interconnectedness of these risks, describing the current state as “a geopolitical state of upheaval.” According to Garson, the world’s IT supply chains are more vulnerable than ever due to increased global tensions, and organisations must better anticipate the disruptions arising from cyberattacks and broader geopolitical events.

Simon Newman, Director of the Cyber Resilience Centre for London, reinforced this perspective by highlighting how attackers are now focusing on smaller, more vulnerable entities in supply chains. Newman also stressed the importance of enhanced collaboration across sectors, including law enforcement, to address these increasing vulnerabilities.

“As larger organisations have boosted their cybersecurity significantly, criminals are now targeting weaker entry points”, he explained, noting that smaller organisations often lack the resources to defend themselves effectively.

Simon Newman, Director of the Cyber Resilience Centre for London

The healthcare sector’s supply chain vulnerabilities were a particular focus, with Rachel Dean, Head of Cybersecurity at NHS Supply Chain, providing insights. Dean emphasised that a successful cyberattack on the NHS’s supply chain could directly affect patient care.

“A successful cyberattack and the resulting inability to deliver operations impacts directly on the NHS’s ability to deliver patient care, which can have critical outcomes,” she warned.

Rachel Dean, Head of Cybersecurity at NHS Supply Chain

With a supply chain of over 6,000 suppliers, Dean explained the significant challenges in ensuring that each supplier meets necessary cybersecurity standards without creating barriers for smaller, critical suppliers.

On the regulatory side, Tim Rawlins, Director and Senior Advisor at NCC Group, discussed how regulations are evolving to address supply chain vulnerabilities.

“Regulators are increasingly focusing on requiring organisations to escrow software from their suppliers to reduce risk.”

Tim Rawlins, Director and Senior Advisor at NCC Group

While regulation is a key driver of improvement, Rawlins stressed that organisations themselves must take proactive steps to manage third-party risks and understand how disruptions in one part of the supply chain can have wide-reaching consequences.

Digital Dawn: Cyber Security Policy in the Wake of Political Change

Mike Maddison
CEO at NCC Group

In this bumper election year, the report offers new and existing governments a deeper understanding of how their counterparts in other areas of the world are tackling similar cyber security issues.

The findings explore:

Drawing from NCC Group’s insights and new research, which included commissioning polling from J.L. Partners to examine public opinion on cyber security issues and conducting interviews with key people from across the global cyber policy ecosystem, the report urges policymakers to establish long-term digital resilience.

NCC Group identifies five key policy areas it believes new and existing governments must prioritize to achieve this in practice:

1. 21st-century cyber laws that define responsibilities, harmonise rules, and are underpinned with proper enforcement.

2. Digital safety nets for small and medium-sized businesses and organisations, embedding security in the digital products and services they rely on.

3. Fortifying government defences by investing in public sector cyber resilience, building trust in government services, and leading by example.

4. Forging a cyber resilient population – promoting cyber literacy, developing cyber professionals, and updating cyber laws.

5. Long-term, evidence-driven policymaking structures.

Kat Sommer
Group Head of Government Affairs & Analysts Relations, NCC Group
CBN Advisory Board

Some of our key takeaways from the report include
