Cyber-criminals are seeking out new prey. Industries that previously had a lower threat profile – such as oil-and-gas, manufacturing, and shipping – are now falling victim to cyber-attacks at an increasing rate. In some cases, the cyber criminals are using the supply chains of companies in these industries as entry points for the attacks. In other cases, the criminals target these companies directly. In either case, the organizations these companies are third parties to – their clients – are often impacted.
As a result of this new trend, governments are stepping up with new efforts – laws, regulations, and guidance – to help create national supplier ecosystems that are more resilient to cyberattack. Industries are also creating their own working groups and other types of infrastructure to help increase communication about cyber risk – to share experiences as well as information on prevention and resilience. The evolution of cybercrime is rapid – governments, industries and individual companies are working hard to stay ahead of the threat.