Supply Chain Risk Management Capabilities Center
Johnson Controls International has confirmed that a September 2023 ransomware attack cost the company $27 million in expenses and led to a data breach after hackers stole corporate data.
Johnson Controls is a multinational conglomerate that develops and manufactures industrial control systems, security equipment, air conditioners, and fire safety equipment.
Zero-day exploits, supply chain attacks fuel 72% increase over previous record for incidents of compromise. Another increase is expected for 2024.A new record for data breaches reported to the Identity Theft Resource Center (ITRC) was set in 2023, spurred by zero-day and supply chain attacks, according to the organization’s annual data breach report released Thursday. The report noted that the number of data compromises in 2023 jumped 78% over 2022, to 3,205 from 1,801 and exceeded, by 72%, the previous high of 1,860 breaches recorded in 2021.
In its Tech, Media and Telecom Predictions 2024 report, Deloitte says the supply chain sector will face “significant” raw material shortages, particularly gallium and germanium – vital minerals needed for chip manufacturing.
Deloitte says that interest in electronic waste (e-waste) recycling is likely to grow in response to these shortages. E-waste recycling is the disassembly and separation of components and raw materials of waste electronics from devices such as PCs and mobile phones.
The tiny Aliquippa water authority in western Pennsylvania was perhaps the least-suspecting victim of an international cyberattack.
It had never had outside help in protecting its systems from a cyberattack, either at its existing plant that dates to the 1930s or the new $18.5 million one it is building.
Then it — along with several other water utilities — was struck by what federal authorities say are Iranian-backed hackers targeting a piece of equipment specifically because it was Israeli-made.
Nine out of 10 cyber attacks launched at automotive manufacturers are not aimed at the original equipment manufacturers (OEMs) themselves, but at other companies in their supply chains, according to a study from cybersecurity software and service provider VicOne.
Following a recent cyberattack at a Pennsylvania water utility, federal officials have confirmed that multiple additional water utilities in the US running the same industrial equipment have been breached by hackers, two people briefed on the matter told CNN.
WASHINGTON – As part of the inaugural meeting of the White House Council on Supply Chain Resilience, President Biden and Secretary of Homeland Security Alejandro N. Mayorkas unveiled the Supply Chain Resilience Center (SCRC), a new U.S. government entity designed to collaborate with the private sector to better secure our supply chains. The SCRC will analyze vulnerabilities and conduct scenario planning with private sector stakeholders to help mitigate supply chain disruptions, ensure reliable and efficient deliveries of goods and services, and lower costs for the American people.
The National Security Agency (NSA), Office of the Director of National Intelligence (ODNI), the Cybersecurity and Infrastructure Security Agency (CISA), and industry partners have released a cybersecurity technical report (CTR), “Securing the Software Supply Chain: Recommended Practices for Software Bill of Materials Consumption.” The guidance in this release aids software developers, suppliers, and customer stakeholders in ensuring the integrity and security of software via contractual agreements, software releases and updates, notifications, and mitigations of vulnerabilities.
The DHS and two of its agencies, CISA and FEMA, on Tuesday announced the launch of a new campaign whose goal is to help critical infrastructure organizations become more secure and resilient.
The new campaign, called Shields Ready, complements an existing campaign named Shields Up, which focuses on providing recommendations and other resources that can help critical infrastructure organizations reduce risk in response to specific threat intelligence.
The Defense Department will release its first defense industrial strategy by the end of the year to better utilize the defense industrial base, while helping to secure supply chains to ensure the DoD is well prepared for the future.
The strategy will focus on four key pillars, said Justin McFarlin, the deputy assistant secretary of Defense for industrial base development and international engagement: resilient supply chains, workforce readiness, flexible acquisition and economic deterrence.
McFarlin said that supply chain and workforce are issues also affecting industry, which is still experiencing the impact of the COVID-19 pandemic and retention challenges.