Intelligence-led security essential for vendor risk management

Beth Maundrill | 02/18/2022

Organizations must shift to an intelligence-led approach to cyber risk, especially when considering the third parties they work with within their supply chains.

Ahead of the Third Party Risk Management Digital Summit, Robin Smith, head of cyber and information security at Aston Martin Lagonda, gave insight to Cyber Security Hub into how he is developing a positive design cyber approach to streamline the onboarding of third parties at the motor manufacturer.

Importantly, Smith says this approach is applicable across all industries, not just auto manufacturing.

The cyber threat intelligence management (CTIM) model can be used to understand risk intelligence within an organization’s supply chain. During his presentation, Smith will demonstrate this with intelligence gathered from real-life examples such as the 2020 Sopra Steria ransomware attack.

On 21 October 2020, Sopra Steria, a French IT services firm, announced it had detected a cyber-attack using a previously unknown version of the Ryuk ransomware. The company was reported to take a multi-million euro hit because of the attack, with Smith explaining it affected the French firm’s supply chain.

Using that example, Smith will show how the CTIM model allows organizations to assess and interpret that intelligence and take proactive action to mitigate the supply chain contagion.

Supply chain risk

Ultimately a failure to understand ‘unknown unknown risks’ leads to poor planning in response to cyber-attacks, says Smith.

Smith’s session during the CS Hub Digital Summit will explore how to understand this type of risk using a model that forecasts and manages third-party risks, based on supply chain assessment and supply chain experience.

Smith promotes the idea that more knowledge management and root cause analysis will ensure that cyber incident response is informed by experience and the realities of the situation rather than by best guesses.

“It’s about forecasting evidence-based responses that gives an organization greater insight and awareness into what to direct their resources toward,” he said. “There’s a lot of guessing at the moment and that’s a terrible way to run your planning operations.”

With CTIM, Smith believes organizations stand a better chance of being able to profile their issues, allocate their resources and be more agile in their responses rather than simply being reactive to cyber incidents.
