After a year in lockdown, in which digital technology has made a major leap forward, cybercrime has moved centre stage. In the US, a series of major hacks, prompted President Biden to issue an ambitious executive order focusing on cyber security. This piece of legislation plans to overhaul cyber security in the US and will have far reaching implications for any business using technology such as the internet of things.
The order promises to create a body which would investigate hacks in the same way as the National Transportation Board currently examines plane crashes. It comes after the US was rocked by a spate of hacks including the extortion of the colonial pipeline which sparked fuel shortages and panic buying across the southern US. Hackers also hijacked the software of Texas company, Solar Winds, to access thousands of official emails.
These hacks illustrated how devastating cybercrime can be and how vulnerabilities among commercial companies can be used to breach government security. Third party cyber crime is a serious but still relatively misunderstood threat. A recent study found that, although 83% of companies feel third party cyber risk is growing thanks to Covid-19, only 40% are expanding their third party risk management programs.
This is great opportunity for cyber criminals – not so great for everyone else. As good as an organisation’s defences are, a third party carrying a flaw can undo all that good work. With government organisations upping their use of third party vendors, this represents a serious weakness in their defences. This Executive Order is Biden’s attempt to fix it.