U.S. National Cybersecurity Strategy Highlights Global Responsibilities for Robust Endpoint Protection and Breach Disclosure
Cybersecurity is a commitment that must extend far beyond an organization’s security team. It must become a mindset of shared, global responsibility. Insufficient cybersecurity and lax breach disclosure practices can create a ripple effect that leads to massive supply chain disruptions and serious consumer compromise. Even a small company victimized by a breach can result in catastrophic repercussions for an entire supply chain.
Even a small link in the supply chain exerts a powerful influence
A case in point is the February 2022 attack on Kojima Industries, a small Japanese company that makes cup holders, door pockets, and USB sockets for car interiors. While it seems like Kojima would assume a small role in the supply chain, the hack caused the entire production line of Toyota to shut down. Toyota was forced to stop operations at 14 factories at a loss of $375 million.
Supply chains are a complex and codependent matrix that can implode in the face of a single breach if robust cybersecurity is not in place. Each vendor component is responsible for deploying strong security measures to maintain the chain’s integrity.
Japan has been suffering from rapidly escalating supply chain and malware attacks, exposing the country’s security deficiencies like slow incident response and a lack of transparency. Additionally, Japan compounds the threat landscape with its reluctant breach disclosure practices. They have historically maintained a more passive stance by requesting companies that provide critical infrastructure such as power, gas, telecommunications, and transportation systems to report any cybersecurity incidents voluntarily.
Even the wealthiest countries that have embraced sweeping digital transformations are guilty of underestimating the ramifications of insufficient cybersecurity measures and failures in breach disclosure. The position of voluntary adherence to cybersecurity guidelines and breach disclosure is clearly inadequate to secure a nation’s critical infrastructure against sophisticated cybercrime.
It’s time to establish mandatory levels of cybersecurity
Without some level of mandatory requirements, our efforts against cyber exploitations will continue to be insufficient. In response to this increasing need, the White House released the National Cybersecurity Strategy that calls for comprehensive regulations to bolster the security and resilience of the cyber landscape.
In the March release, the Biden administration called for federal agencies to set minimum cybersecurity requirements in critical sectors. The strategic plan focuses on protecting critical infrastructure, like hospitals and energy facilities. Additionally, it stresses the administration’s desire to partner with international coalitions to counter cyber threats globally.
Regulations that mandate breach reporting and the assignment of heavy fines for lack of compliance are on the horizon. Pressure from more state and federal sector-specific breach notification laws will require the reporting and data sharing of breaches, which can help affected parties take the necessary steps to mitigate the breach’s negative impact. In this climate of escalating cybercrime, companies across the globe must recognize a moral and legal obligation to disclose breaches with clarity, timeliness, and accuracy.
Strong cybersecurity requires effective core components
A robust cybersecurity program should have a multilayered approach that includes an endpoint protection platform (EPP) with endpoint detection and response (EDR), privileged access management (PAM), and zero trust network (ZTN) to provide the necessary transparency and rapid response.
Effective EPP with EDR capabilities provide significant security benefits, including:
- Enable the time needed to prevent or mitigate an attack before data deletion, manipulation, or exfiltration occurs
- Protect users from potential loss of personal and financial data
- Provide security teams with real-time data analytics on types of attacks and target tendencies to guide decisions on security investments
- Increase visibility and management of endpoints across an organization
- Maintain the security and integrity of supply chains
RevBits multilayered cybersecurity
RevBits patented, unique methodologies can thwart the most sophisticated and malicious criminal activities. RevBits’ full suite of cybersecurity solutions covers the entire threat landscape — targeting endpoints, emails, networks, and privileged accounts. RevBits next-gen technology protects all of these potentially vulnerable vectors.
RevBits Endpoint Security and EDR leverage sophisticated analysis methodologies with deep forensics and mitigation capabilities. RevBits Endpoint Security automatically detects, classifies, blocks, and reports exploit attempts, including Zero Days.
Download our eBook to learn about RevBits multilayered cybersecurity solutions.
Originally published by www.revbits.com
