{"id":227563,"date":"2026-06-08T00:00:00","date_gmt":"2026-06-08T04:00:00","guid":{"rendered":"https:\/\/testing.news-you-need.com\/index.php\/2026\/06\/08\/process-and-control-today-cyber-attacks-via-supply-chain-entirely-avoidable-says-cybersecurity-expert\/"},"modified":"2026-06-08T00:05:11","modified_gmt":"2026-06-08T04:05:11","slug":"process-and-control-today-cyber-attacks-via-supply-chain-entirely-avoidable-says-cybersecurity-expert","status":"publish","type":"post","link":"https:\/\/testing.news-you-need.com\/index.php\/2026\/06\/08\/process-and-control-today-cyber-attacks-via-supply-chain-entirely-avoidable-says-cybersecurity-expert\/","title":{"rendered":"Process and Control Today | Cyber-attacks via supply chain entirely avoidable, says cybersecurity expert"},"content":{"rendered":"

Process and Control Today | Cyber-attacks via supply chain entirely avoidable, says cybersecurity expert<\/a><\/p>\n

https:\/\/www.pandct.com\/news\/cyber-attacks-via-supply-chain-entirely-avoidable-says-cybersecurity-expert<\/a><\/p>\n

Publish Date: 2026-06-08 00:00:00<\/a><\/p>\n

Source Domain: www.pandct.com<\/a><\/p>\n

Author: <\/a><\/p>\n

Using an unordered list, summarize the following article with between 4 and 8 key points. <\/p>\n

08\/06\/2026 \u00a0Cybit <\/p>\n

Ben Large,\u00a0Head of Cyber\u00a0at\u00a0Cybit,\u00a0says\u00a0there is\u00a0glaring disparity between prevalence and\u00a0preventative measures, but that AI could be a game-changer
\n\u00a0
\nCybersecurity\u00a0expert Ben Large,\u00a0Head of Cyber\u00a0at\u00a0one of the country\u2019s leading\u00a0technology solutions\u00a0firms,\u00a0Cybit,\u00a0says the government\u2019s\u00a02026\u00a0cybersecurity\u00a0survey\u00a0highlights\u00a0the gap between supply chain\u00a0vulnerabilities\u00a0and the level of preventative measures taken by medium and large firms.
\nThe survey reports that only 15% of companies review immediate suppliers\u2019 cyber risks, and\u00a0just\u00a06% review wider supply chain cyber risks.
\nYet all evidence points to the supply chain being a focal point for\u00a0cyber-attacks, as highlighted by last year\u2019s\u00a0attack on\u00a0Jaguar Land Rover, which\u00a0halted\u00a0production for several weeks\u00a0and resulted in a direct cost to the company of almost \u00a3200 million, and cost\u00a0an estimated \u00a32 billion to the wider UK economy.
\nBen Large commented; \u201cIt\u2019s no longer enough to\u00a0keep\u00a0just\u00a0your own systems and networks secure. Most organisations rely on\u00a0connections to\u00a0their supply chains,\u00a0so\u00a0strict access controls\u00a0and\u00a0continuous monitoring\u00a0are now essential.
\n\u201cDespite three quarters of UK businesses having basic\u00a0cyber security provision\u00a0such as password policies, restricted admin rights,\u00a0and firewalls, the vast majority\u00a0are\u00a0neglecting to consider the risks for business continuity when it comes to their supply chain.
\n\u201cThis leaves them\u00a0not only vulnerable to an attack\u00a0themselves but\u00a0also risking\u00a0business continuity if there is an attack on suppliers, putting a question mark over their whole supply chain resilience.
\n\u201cAlthough\u00a0cyber security is seen as an IT challenge, this makes\u00a0it\u00a0a risk factor across the whole business,\u00a0requiring planning and buy in from a much wider range of departments.\u201d
\nRecent\u00a0high-profile\u00a0attacks through their supply chain network also include\u00a0Marks & Spencer and the Co-op\u00a0who\u00a0suffered\u00a0highly disruptive\u00a0attacks\u00a0that were traced to\u00a0a shared third-party vendor.
\nThe result of these saw\u00a0Marks & Spencer\u00a0take\u00a0a\u00a0\u00a3300 million\u00a0profit\u00a0hit,\u00a0while\u00a0the\u00a0Co-op\u00a0took a\u00a0hit\u00a0of\u00a0\u00a3206\u00a0million\u00a0in lost\u00a0sales, and\u00a0\u00a3120 million\u00a0in\u00a0lost\u00a0profits.
\nHowever, there are actions businesses can take to ensure they are mitigating against either a direct\u00a0cyber-attack\u00a0through their supply chain, or disruption due to a\u00a0cyber-attack\u00a0within\u00a0it.
\nBen Large explains; \u201cA good starting point would be to mandate that all\u00a0third parties\u00a0achieve a minimum recognised certification, such as the government\u2019s Cyber Essentials. This ensures that every supplier has considered, and put in place, measures to protect their business from a cyber-attack.
\n\u201cUndertaking a risk assessment across your supply chain to assess continuity issues and contingencies can also ensure the impact of an attack on your business\u00a0will be\u00a0minimised.\u201d
\nThe use of Multi-Factor Authentication (MFA) is highly recommended where third parties\u00a0have\u00a0access\u00a0to\u00a0a company\u2019s systems, and GCHQ recently recommended companies should replace passwords with passkeys, which are resistant to phishing as they cannot be intercepted,\u00a0for user-authentication.
\nBen Large continued;\u00a0\u201cThere are\u00a0now\u00a0AI\u00a0tools emerging that can\u00a0analyse deep into\u00a0supply chains\u00a0connections and networks,\u00a0so\u00a0a third-party risk management strategy must be\u00a0put in place that considers\u00a0every\u00a0possible entry point to the company\u2019s systems and data.
\n\u201cThese\u00a0tools go far beyond current\u00a0antivirus\u00a0solutions, which\u00a0rely primarily on identifying threats based on known\u00a0virus\u00a0signatures.
\n\u201cEndpoint Detection and Response provides\u00a0continuous monitoring and analysis of endpoint activities, but\u00a0they rely on agents installed on owned systems so may\u00a0not\u00a0be suitable for securing third-party networks and systems.
\n\u201cHowever, Extended Detection and Response goes beyond\u00a0this\u00a0by integrating data from cloud environments, network firewalls, and email gateways, opening up the possibility of extending security boundaries.\u201d
\nBen Large\u00a0adds that\u00a0Managed Detection and Response\u00a0(MDR)\u00a0currently\u00a0offers the most complete solution, noting; \u201cMDR\u00a0deals\u00a0with a broader range of cybersecurity challenges, incorporating behavioural analysis and\u00a0real-time\u00a0intervention.
\n\u201cWhen combined with advanced AI, MDR identifies and deals with risks associated with privilege abuse, account takeovers, and insider threats.\u201d
\nThe risk of a cyber-attack\u00a0is real.\u00a0Overall,\u00a043%\u00a0of businesses\u00a0(about 612,000)\u00a0and\u00a028%\u00a0of charities\u00a0(about 57,000)\u00a0reported having experienced any kind of cyber security breach or attack in the last 12 months, which is\u00a0on par with the previous\u00a0year.
\nBut when\u00a0you\u00a0add into the mix the impact of a cyber-attack\u00a0within your supply chain\u00a0then\u00a0the chance of\u00a0that\u00a0affecting your business in the next 12 months is significantly higher.
\nBen Large concludes; \u201cBased on\u00a0this\u00a0survey, and what we are hearing from our\u00a0clients, there\u00a0is\u00a0a growing need to take a more holistic\u00a0approach\u00a0to cyber security, engaging c-suite and logistics departments\u00a0to ensure\u00a0supply chain threats are understood and acted upon.
\n\u201cBusiness owners\u00a0also\u00a0need to know that it is a legal requirement to report a breach to the Information\u00a0Commissioner\u2019s\u00a0Office, when for\u00a0example, personal data has been stolen.\u201d<\/p>\n

Request FREE information from the supplier on the products in this article<\/p>\n

Login or Register<\/p>\n

Process and Control Today are not responsible for the content of submitted or externally produced articles and images. Click here to email us about any errors or omissions contained within this article.<\/p>\n

<\/p>\n","protected":false},"excerpt":{"rendered":"

Process and Control Today | Cyber-attacks via supply chain entirely avoidable, says cybersecurity expert https:\/\/www.pandct.com\/news\/cyber-attacks-via-supply-chain-entirely-avoidable-says-cybersecurity-expert…<\/p>\n","protected":false},"author":1,"featured_media":227564,"comment_status":"closed","ping_status":"","sticky":false,"template":"","format":"standard","meta":{"fifu_image_url":"http:\/\/www.pandct.com\/uploads\/news_images\/Cybit%208626.jpg","fifu_image_alt":"","footnotes":""},"categories":[15],"tags":[26,30,24,25],"class_list":["post-227563","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-cybersecurity","tag-ai","tag-breach","tag-cybersecurity","tag-phishing"],"_links":{"self":[{"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts\/227563"}],"collection":[{"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/comments?post=227563"}],"version-history":[{"count":1,"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts\/227563\/revisions"}],"predecessor-version":[{"id":227566,"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts\/227563\/revisions\/227566"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/media\/227564"}],"wp:attachment":[{"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/media?parent=227563"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/categories?post=227563"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/tags?post=227563"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}