The Cybersecurity Standards Landscape & Supply Chain Standards

by Chad Kymal published on February 02, 2022

The cyber threat landscape is constantly evolving. Cybersecurity is of great importance, as it is the backbone of communications and information exchanges of all kinds. The defense industry has adopted the CMMC 2.0 standard and rolled out the updated cybersecurity requirements of the Department of Defense (DoD). What is the current cybersecurity standards landscape, and what are industries doing to address this grave danger?

Cyber Attacks Are Real

Cybercrimes have risen 600% since the pandemic struck. Ransomware attacks are costing organizations 6 trillion dollars. On average, it took organizations one week to get control over their systems, at great cost to them. A new organization fell victim to ransomware every 14 seconds in 2019, and every 11 seconds by 2021 (Source). These statistics should shock us all. In 2021, one out of 61 organizations was under threat from a cyberattack each week. As ransomware becomes more sophisticated, this number will likely increase in 2022 (Source). Making things worse is the SolarWinds Orion breach, as shown in the next section.

Supply Chain Attacks

The SolarWinds Orion compromise will leave organizations susceptible to supply chain attacks. In an attack of this kind, a weak supplier is hacked in order to gain access to its customer. Attacks of this nature will be more commonplace in the future, leaving industries and large corporations susceptible.

Author

Chad Kymal

Chad Kymal is the CTO and Founder of Omnex Inc. He is the author of seven books and more than 100 papers, including several on integrated management systems. Chad is currently on the writing committees for several standards, including TC 22/SC 32/WG 8 for ISO 26262 (Functional Safety), ISO/TC 176 for ISO 9001:2015 (Quality Management), ISO/TC 207 for ISO 14001:2015 (Environmental Management), and PC283 for ISO 45001 (Health and Safety Management Systems). He founded and was the CEO of an Automotive registrar for over 10 years and is familiar with conducting audits, being witnessed for audits, and also evaluating auditors and assessors. He authored and teaches a course for 3rd Party Auditors for Automotive Registrars on behalf of the International Automotive Certification Bodies Association (IACBA). This course explains how 3rd Party Auditors audit IATF 16949 in an environment that includes ASPICE, Functional Safety and Product Cybersecurity. He is currently rolling out the course to global 3rd Party Auditors for IATF 16949. Chad has spent over 20 years in system, hardware and software development in various capacities. He assesses and works in automotive system, hardware and software for Agile, ASPICE, and Functional Safety ISO 26262. Chad is also currently an intacs™ certified Principal Assessor for Automotive SPICE.