The case of Collective Defence in the expanded digital supply chain

Just last year the SolarWinds breach exposed the reality that organisations across the public and private sectors are tightly interconnected in a complex ecosystem of peer agencies and organisations, partners, and suppliers — large and small — within and across governments and private enterprises.

Early this year, attacks on third party vendors such as Accellion’s legacy large file transfer product and SITA’s Passenger Service System (PSS) affected major organisations around the world including a Singapore telecommunications provider and an airline service, respectively. 

Evidently, indirect attacks to organisations’ supply chain have increased in both frequency and severity. With digital services such as cloud providers in the mix, we are now talking about a multi-faceted ecosystem surrounding your core business. 

While you may have invested greatly in cybersecurity controls and are confident about your company’s own security safeguard, often, the first target in a cyberattack is not always a single organization but rather a web of interconnected entities. More often than not, this includes vulnerable, smaller enterprises within the supply chain that may not have the resources to implement all the cyber defences required to counter sophisticated attacks.

The much-needed push for collaboration 

Attackers are getting more powerful, in part due to a rise in collaboration, or “collective offense.” Simply put, the bad guys are collaborating more quickly, effectively, and profitably than ever — from increased sharing of data on the dark web and exploit tools to successful breaches, cyber-offense outsourcing by nation-state actors, and the rising cottage industry of various independent “cyber mercenary” groups. 

Most attackers today leverage advanced techniques that are designed to evade traditional cybersecurity tools. As such, the ability to analyse and correlate seemingly unrelated instances is more critical than ever to help identify sophisticated attackers who leverage varying infrastructures to hide their activity from existing cyber defences.

Acknowledging that most organisations today rely on vendors to support operations, the Singapore Government has highlighted the need to establish best practices to better manage cybersecurity risks across the supply chain among all stakeholders. 

Taking a big step ahead on this, the Critical Information Infrastructure (CII) Supply Chain Programme was recently launched to foster greater collaboration among the Cyber Security Agency (CSA), CII owners, and their vendors. 

The programme will be an important first step to build a more robust supply chain defence system. Organisations must come together to help each other identify attacker behaviour, and at the same time, better protect their own network. 

Strength in numbers with Collective Defence 

Running parallel to CII Supply Chain Programme’s purpose, a renewed vigilance through a Collective Defence approach will be the future of cyber defence in a world of rapidly escalating unknowns. 

It is no longer sufficient for organisations across sectors to safeguard itself through a traditional, siloed approach to cybersecurity, especially as more and more adversaries, are accessing targets through weak spots in the supply chain. 

When your entire supply-chain network operates collectively to defend against threats across the ecosystem in real time, you would be able to gain broader visibility of the threat landscape across your company’s value chain, and proactively defend against incoming attacks.

Without question, visibility across the ecosystem is paramount. Collective Defence up-levels the defensive capabilities of any one player. There is strength in numbers when analysts across sectors can share threat intelligence in real time.

Collective Defence will enable enterprises to paint a bigger picture of an attack well beyond their own enterprise – only then can we build a unified front in the face of attackers.