Jake Olcott, VP Government Affairs at BitSight

Supply chains are under greater threat than ever from highly organised cyber criminals, a leading name in the IT security space has claimed.

The comments of Jake Olcott, VP Government Affairs at BitSight, come after researchers from Kaspersky Lab identified a major supply chain hacking campaign that features ASUS, one of the world’s largest computer makers.

The issue, he said, highlights the growing risk from supply chain attacks, where malicious software or components get installed on systems as they’re manufactured or assembled, or even afterward through trusted vendor channels.

“Supply chain risk is one of the biggest challenges in cyber today. Tech companies issuing remote patching and remote updates to customers are increasingly targeted because of their broad, trusted relationships with their customers,” he commented. “Companies must conduct more rigorous diligence and continuously monitor these critical vendors in order to get a better handle on this risk.”

Olcott has previously served as legal advisor to the Senate Commerce Committee, and as counsel to the House of Representatives Homeland Security Committee.

BitSight is a cybersecurity ratings company that analyses companies, government agencies and educational institutions. It is based in Back Bay, Boston. Security ratings that are delivered by BitSight are used by banks and insurance companies among other organisations.

by Guy Matthews