Securing corporate supply chains should be the number one priority for CISOs over the next 12 months, according to business resilience group, Resilience First, as the COVID-19 crisis has brought our reliance on the internet into sharp focus, and raised serious questions about China’s role in digital supply chains.

Robert Hall, executive director, Resilience First said: “COVID-19 has raised a number of significant issues for the technology sector, of which supply chain security and resilience is one of the most important.

“Serious questions have also arisen over the actions of China in the pandemic and this has generated implications for the role of Huawei in 5G. The potential is huge for 5G, but the security and political factors are currently pulling in different directions. The Huawei issue is big enough in itself but COVID-19 has also raised wider questions.”

Andrew Glover, chair of the Internet Services Providers' Association says lessons must be learned from lockdown, and that best practice trumps regulation when it comes to getting it right.

“Early media stories that the internet would not cope proved wide of the mark. Traffic has been doubling year on year anyway. Daytime usage has surged but the overall traffic has not been outside of expectations and we still have plenty of capacity headroom. Networks are still below peak demand seen during large video game releases and remote working generally uses less data-heavy activities like email and video conferencing.”

“In terms of supply chain resilience, you probably need more than one source of whatever is your most critical dependency. For many people that is internet access. 5G will provide more reliable and faster connectivity to enable us to do more exciting things. Excluding anyone from a supply chain is going to disrupt that supply chain.”

“More regulation is likely from government to ensure that companies are securing their own supply chains, but best practice rather than regulation is the answer.”

Cyber security issues are also coming under increasing scrutiny. Cath Goulding, chief information security officer at Nominet UK said the domain name registry had been working closely with law enforcement and had seen a 30% increase in the suspension of domain names linked to fraudulent online activity in recent weeks.

“Supply chain security is the most important consideration for CISOs. A really good exercise for any business is to identify your critical suppliers, like power and telecoms and look at whether you are comfortable with the contractual controls in place," she added. "Even the US military are said to only be able to identify the top three of seven layers of their supply chain.”

Share Story: