The former Chief of the UK's National Cyber Security Centre (NCSC) has highlighted Critical National Infrastructure as the next big ransomware target – and warned of the potential for attacks against vendors to cause widespread disruption to essential services.
In a recent interview, Ciaran Martin said that there are important lessons to learn from events such as the infamous Colonial Pipeline incident, where the pipeline itself was not targeted but its billing systems were taken offline, forcing the entire operation to halt.
He highlighted the need for operational resilience in the face of these attacks, where complex organisations must ensure that they have contingency plans in place for events where key suppliers or external systems suddenly become unavailable. An example of this is the anti-fragile principle, as discussed in a previous Darkbeam blog post.
Simulating Third-Party Cybersecurity Incidents
In 2022, Darkbeam worked with BT in a two-day simulation exercise, exploring the impacts of external incidents on the business's operations. The Financial Times covered the simulation and Darkbeam's involvement in this report.
“What Colonial Pipeline showed us is that an ordinary common or garden ransomware attack can actually take out the pipeline without touching the pipeline,” he said in an interview with ITPro.
“Critical functions can be severely disrupted without attacking the critical functions, but just attacking the things that help you run them, which tend to be less well protected.”
In 2022, the FBI received 870 reports of cybersecurity incidents impacting organisations related to US Critical National Infrastructure, with Healthcare and Manufacturing being the most affected.
NCSC's advice for collaborating with vendors on cybersecurity
Darkbeam has summarised the NCSC's supply chain cybersecurity advice in the past. Additionally, their 'Cybersecurity Toolkit for Boards' contains five indicators of success for collaborating with supply chain partners.
Whilst there is no 'magic bullet' for cybersecurity, Darkbeam's comprehensive dual-capability platform combines Vulnerability Intelligence and Threat Intelligence to help organisations address the NCSC's steps.
| NCSC Indicators of Success | How Darkbeam Supports |
| --- | --- |
| Is supplier performance being regularly measured against defined metrics, and is this visible to board members? | Darkbeam's technology automates the process of measuring and monitoring risk levels among third-parties. |
| Is your organisation developing threat assessments and incident response exercises in collaboration with suppliers and partners? | Darkbeam's automated nature and cloud-based platform promote visibility and collaboration. |
| Are high severity supply chain risks tracked and reported to the Board? | Darkbeam empowers CISOs to have board-level conversations about cyber risks, supported by intelligence-led insights. |
| Does the organisation have a defined process for onboarding and managing suppliers? | Darkbeam supports fast, comprehensive pre-onboarding assessments and continuous risk management of vendors. |
| Are products/services provided by partners/suppliers documented? | Darkbeam focuses on Cyber Risk Management and is intended to complement existing vendor management processes to provide enhanced protection and threat insights. |
To help businesses implement capabilities and processes regarding cyber risk among their third-parties, Darkbeam offers its dual-capability platform as a standalone platform and as part of a Managed Service.
Supporting Critical National Infrastructure
"Darkbeam's data and support are a valuable component of BT Sourced's risk management workflow. Being able to identify vulnerabilities in our suppliers instantly allows our team to make informed decisions that increase resilience across all categories."
Cyril Pourrat, Chairman, BT Sourced
For more information about how Darkbeam works with organisations - including those which are part of Critical National Infrastructure - please contact us using the form below or by calling +44 (0)20 3833 0348.