News for Tool Hire, Equipment Hire & Plant Hire and Rental Professionals

Cybersecurity twist

22 August 2022

Cybersecurity twist

We often hear of malware attacks and the need to enhance our own cybersecurity, but a recent event highlighted the potential risk if others in the supply chain are affected.  

A well-known hire industry supplier had to inform its customers that its product deliveries were being disrupted because of a malware attack suffered by its third-party shipping software company. 

Their own system was secure but the supplier’s difficulties meant that the issue was beyond their immediate control. 

Cybersecurity had become a major element in risk planning – indeed, many organisations say it is the most significant factor in their business continuity planning as it could lead to reputational loss, revenue loss and financial penalties.

However, most attention is typically – and understandably – focused on a company’s own internal systems rather than those of their suppliers. They may have their own house in order but a lapse in a third party’s system could have serious repercussions. 

Many organisations continually review and update their cybersecurity measures each year, and this should clearly include relevant third parties as well. 

“Businesses can get cover against cybercrime risks that includes third party risks as well as first party,” says Anders McLocklan, account director for specialty and risk with Towergate Insurance Brokers which is also the sole broker for insurance services offered to HAE members. 

“It is certainly worth asking third party suppliers of services to confirm their cybersecurity measures they have in place and to ask about their disaster recovery planning. It might be that your own company has cover but there could be knock-on effects throughout other parts of the supply chain.” 

● The Government’s Cyber Security Breaches Survey published earlier this year found that in the prior 12 months, 39% of UK businesses identified a cyber attack, remaining consistent with previous years of the survey. The most common threat was phishing attempts (83%). Of the 39%, around one in five (21%) identified a more sophisticated attack type such as a denial of service, malware, or ransomware attack. Despite its low prevalence, organisations cited ransomware as a major threat, with 56% of businesses having a policy not to pay ransoms.

The UK’s National Cyber Security Centre has advice on protective measures that individuals and businesses can take. The centre has also issued guidance for organisations working in construction and related industries on improving the security and resilience of their business against cyber threats. 


Subscribe

I am constantly adding new content. If you subscribe FREE using the form below, I'll send you my weekly bulletin summarising the latest hire industry stories - and I'll also send you a PDF of 10 fascinating interviews with national and independent hirers, giving their views about business and their secrets of success!