Software supply chain attacks are among the most devastating forms of cybercrime affecting our profession. Recent breaches in the UK’s manufacturing and retail sectors reveal how cyberattacks can disrupt the physical supply chains that drive industries and the economy. Like an earthquake, a breach sends shockwaves that cause damage far beyond the epicentre. While the targeted organisation feels the impact most acutely, such attacks rarely harm only one victim. Entire supply chains can be incapacitated as connected companies are also brought down.
The recent Jaguar Land Rover (JLR) attack typifies this ripple effect:
- Operations at its factories were completely shut down, preventing the manufacturing or purchase of goods, impacting JLR’s customer base.
- Unions were pushing for a furlough scheme to be introduced after some staff had wages cut or even lost their jobs.
- The government gave JLR a £1.5 billion loan, enabling it to keep the lights on, which will have an impact on the public purse.
- Multiple suppliers – many of which are smaller companies – have expressed fears that they could go out of business whilst production is stalled, as JLR is one of their main customers.
No one knows how long the effects of this attack will last. With JLR facing repayment of a major government loan and smaller suppliers potentially forced to close, the wider UK economy could feel the impact for years. Analysts are already forecasting that it could be the most economically damaging cyber event the UK has ever experienced.
As a profession, cyber security must do more to prevent incidents of this scale. Basic hygiene – patching, staff training, and strong security controls – goes a long way. But we know that a determined adversary will find their way through even the toughest controls.
This is why collaboration and sharing intel is so vital in our profession. Ultimately, we’re all fighting the same fight, and the sum of parts is always stronger than the individual pieces. As a profession, we must promote more open communication about cyberattacks. This means revealing insights around the latest threats and attack vectors, methodologies for remediation and our own personal experiences of attacks, including how we fought back against them. We learn from both our own mistakes and the lessons of others that have been through similar experiences. Without collaboration, cybersecurity professionals are left to act in isolation.
At 2023’s CIISec LIVE, we heard from Heather Lowrie, the CISO at the University of Manchester. She was the university’s first ever CISO, and was leading the security function when the institution suffered a major cyberattack. Far from being closed off about the breach, it was fascinating and insightful to hear Heather speak candidly about discovering, responding to and recovering from the attack. Last year, we also had Jules Gascoigne, CISO at Transport for London, and Mike Fell OBE, Executive Director, national Cyber Security Operations at NHS Digital, discussing similar themes.
The theme of this year’s LIVE conference is “Stronger Together: Reinforcing trust through collaboration”. Given the timing of the JLR attack, and its effect on a wide range of companies and individuals outside of the organisation, the topic of collaboration and remembering that we’re all one profession has never been so poignant. We hope to see you at LIVE, where you can hear peers discuss the latest trends and share their real-world experiences.
