On May 30, JBS, the world’s largest producer of beef and pork, was hit with a major ransomware attack. The outage impacted the company’s operations in the USA, Australia and Canada. The growing trend in ransomware attacks highlights the vulnerability of organizations in many industries.

As attacks grow in size, the supply chain effects become evident

The JBS outage comes only a few weeks after the Colonial Pipeline ransomware attack that impacted half of the East Coast’s gasoline distribution, and a few months after major healthcare facilities were hit. There is an indication that the size of these attacks is now beginning to affect supply chains.

The direct cost from lost operations and the payment of ransoms aren’t the only concerns. There is clearly a domino effect that can occur in supply chains. Each organization usually depends on key players in an industry.

Even in small business environments, there is almost always a key supplier that impacts the operation of many others up and down the chain. And when one of these entities gets hit with a cyber-attack, it can have major, unexpected consequences. In particular, the largest businesses will need to start enforcing cybersecurity standards on their supply chains. This is an attempt to reduce the risks of cyber-attacks knocking out key links in the chain, and spreading from one supplier to another.

Standards are good, but the key is in developing and monitoring cyber security proficiency of employees

To strengthen security in these supply chains, we are already seeing a new trend in standards such as SOC 2 and the Cyber Maturity Model Certification (CMMC) among even small service businesses and manufacturers. The intent is to make the supply chain more resilient through employee awareness of security requirements. But while standards compliance can show visible action on the surface, it doesn’t mean that there is significantly less risk from employees being vulnerable or making poor risk decisions.

The businesses working to become compliant with these standards may still be vulnerable after a certification is achieved. This can be especially true if their staff don’t take the requirements of the standard seriously. In fact, staff may still not really know how to implement the security procedures that are intended to protect those business systems.

The best way to ensure that these standards are followed is through a full program of proficiency training and exercises that engage all employees to defend the business’s systems and data. Simulations and gamified challenges effectively engage employees and improve their knowledge retention.

Did you know that Click Armor’s gamified simulation solution has been shown to improve employee proficiency in handling phishing threats by up to 50%?

We can provide gamified challenges and simulations in many risk areas. We can also do gamified assessments for teams, without the need to register employees. You can try a simple gamified phishing assessment at www.canibephished.com to test your own phishing awareness skills. 

Contact us to learn more.

 

Photo by Ant Rozetsky on Unsplash

 
