News & Views
In the digitally accelerated COVID-19 environment of 2021, Adam Strange, Data Classification Specialist at HelpSystems (www.helpsystems.com) comments on what are the top data security trends that organisations are facing when it comes to data classification.
Accenture recently quoted that 94% of Fortune 100 companies experienced supply chain disruptions from COVID-19, and that as much as 40% of cyber threats are now occurring indirectly through the supply chain.
“The supply chain ecosystem risk will get bigger,” says Strange. “2020 has been the year where businesses realized more than ever that data security across the supply chain was only as strong as its weakest link, where exposing a business’s network and sensitive data to its suppliers had the potential to carry significant additional risk.”
“We recently interviewed 250 CISOs and CIOs from financial institutions about the cybersecurity challenges they face and nearly half (46%) said that cybersecurity weaknesses in the supply chain had the biggest potential to cause the most damage in the next 12 months. But sharing information with suppliers is essential for the supply chain to function. Most organizations go to great lengths to secure intellectual property (IP), personally identifiable information (PII) and other sensitive data internally, yet when this information is shared across the supply chain, it doesn’t get the same robust attention.”
“The demand for greater resilience across supply chain operations in 2021 will require businesses to move quickly to overhaul existing tech investments and prioritize data governance. Organizations must ensure basic controls are implemented around their suppliers’ IT infrastructure and that they have robust security measures in place,” continues Strange.
“Advanced data classification capabilities will deliver assurance and control to numerous industries including finance, defence and government. Organizations should implement a data classification scheme and embed data risk management into the procurement lifecycle processes from start to finish. By effectively embedding data risk management, categorization and classification into procurement and vendor management processes, businesses will prevent their suppliers’ vulnerabilities becoming their own and more effectively secure data in the supply chain,” says Strange.
HelpSystems advises organizations to ensure their suppliers have a robust approach to security and information risk with security frameworks such as ISO 27001 and Cyber Essentials in place.