Channel backs government plans to tighten supply chain security


At the start of the week, the government revealed that it wanted to boost the cyber resilience of UK supply chains and would consider calling on managed service providers (MSPs) to adhere to rules that ensure they are secure.

Those that operate on the security and data protection side of the channel have broadly welcomed the consultation started by the Department for Digital, Culture, Media and Sport (DCMS).

There is a feeling among many in the channel that security is already taken extremely seriously, and any hoops that the government would require MSPs to jump through could be accommodated and are likely to be already met by many suppliers.

The consultation period kicked off this week and runs until 11 July, with MSPs getting the chance to share their thoughts. The DCMS is keen to hear about best practices and examples of good supplier risk management.

The government hinted that one of the ideas it is considering is that it could become mandatory for MSPs to meet the current Cyber Assessment Framework and adhere to the 14 principles that encourage higher levels of security.

Andrew Pitt, co-founder of security specialist Saepio, said that those channel players that already understood the importance of securing their own data would not be phased by the government’s discussion.

“We are very centred around strengthening the community and ensuring we are doing everything we can to mitigate the risk,” he said.

“Cyber security definitely has our government’s ear and as a result we are able to substantiate the messaging from a business point of view and relate it back top parliamentary initiatives,” he added. “It’s good that our government is focused on supporting businesses and cyber security businesses.”

Brooks Wallace, vice-president of Europe, Middle East and Africa (EMEA) sales at Deep Instinct, also welcomed the opportunity to share thoughts about how MSPs could improve their security levels, and saw the DCMS move as a positive.

“The DCMS can help to educate [MSPs] on the value of prevention and what it can mean for an MSP in the marketplace. That’s exactly what we want to hear because we can help out,” he said.

Others in the industry accepted…

Source…