Businesses are urged to look at their whole supply chain when analysing cyber risk.

A recent article, “Large businesses ‘overlook’ supplier cyber risk”, focused on the cyber risks that businesses regularly face in their supply chain.

With so much emphasis in the media on cyber security risk prevention, it is great news that businesses are finally taking a firmer stance in protecting their companies, customers and staff.

Ensuring that virus protection, firewall and malware monitoring software are installed and up to date is just one of the protection methods that businesses are using. In addition, businesses must implement further staff training on how to recognise fake emails, ensure passwords are regularly updated and tell staff to report anything that looks suspicious to managers. These are just some of the precautionary measures that businesses are now taking in response to increased cyber hazards.

Whilst in-house reduction of cyber attack risk has definitely improved, together with the introduction of the recent EU GDPR legislation, businesses now need to focus on the other areas, especially their own supply chain, which is falling short.

Whilst it is difficult for businesses to control independent suppliers outside of their own company, understanding their suppliers’ own security measures and cyber attack risk management is crucial.


Cyber risk to assess when bringing on a new supplier

The advice is that, when bringing in a new supplier as a provider, it is imperative that a few basic questions are asked. What cyber security protection does the new supplier have in place for their own company? How will the new supplier report and fix the problem should a breach arise? Who is responsible and accountable for a cyber risk within the new supplier’s business?

Asking some basic questions not only demonstrates the company’s own responsibility towards cyber attack risk but also prompts the supplier that they must have the correct policies in place, and adhere to them, if they wish to secure a contract, especially if the supplier is providing goods or services which are linked to the internet of things. Having a clear view of how their business operates in terms of cyber security protection, and a signed agreement for cyber security ethical working, will go a long way to improve the company’s own brand reputation and reduce the likelihood of a cyber attack.

To find out more about how Crendon Insurance Ltd support businesses with cyber risk insurance, please call our team or see our cyber insurance page. We provide companies and organisations with the right cyber security tools to analyse working practice within their own business and that of their own supply chain, to ensure that they are clear as to where vulnerabilities could present themselves and, in doing so, put the right measures in place to reduce cyber risk.
