Executive Briefings

Firms Get Guidance on Supply Chain Cybersecurity

The U.K. government has released guidance for businesses using cloud-enabled software such as data storage or anti-virus tools.

Cloud-enabled software is a catch-all term for programs or services that need to connect to a supplier or third party’s own network to function.

The guidance from the National Cyber Security Centre (NCSC) recommends companies using such software understand what information these products can access and it outlines steps businesses should take to reduce risk around cloud services.

NCSC released the guidance following a recommendation to government ministries against using anti-virus software from Russia-based Kaspersky Labs, which has been accused by the U.S. of being used by the Russians for espionage. Kaspersky denies this a claim.

Businesses that use Kaspersky software are not being advised to switch, and the guidance is more generally about the safe use of cloud services.

In a blog-post addressing “speculation about foreign involvement in the U.K. supply chain,” NCSC technical director Ian Levy said the country of origin was not the most important security concern for businesses.

Read Full Article

Cloud-enabled software is a catch-all term for programs or services that need to connect to a supplier or third party’s own network to function.

The guidance from the National Cyber Security Centre (NCSC) recommends companies using such software understand what information these products can access and it outlines steps businesses should take to reduce risk around cloud services.

NCSC released the guidance following a recommendation to government ministries against using anti-virus software from Russia-based Kaspersky Labs, which has been accused by the U.S. of being used by the Russians for espionage. Kaspersky denies this a claim.

Businesses that use Kaspersky software are not being advised to switch, and the guidance is more generally about the safe use of cloud services.

In a blog-post addressing “speculation about foreign involvement in the U.K. supply chain,” NCSC technical director Ian Levy said the country of origin was not the most important security concern for businesses.

Read Full Article