In the last few decades, software companies have dominated large parts of the economy.
When these software companies fail, it affects a wide range of industries and businesses.
Just take for example the ongoing fallout from last week’s cyberattack on dealership software-as-a-service platform CDK Global, which continues to cripple America’s auto sellers. The attack has forced many businesses to close, while others have switched from easy-to-use software products to pen, paper, and other manual processes in order for them perform necessary record-keeping, administration, and administrative tasks.
CDK Global responded to the attack by restoring its systems and services. The company has worked around the clock to minimize the impact on its clients and strive to bring back its full suite services. Despite all efforts, the full impact of the disruption remains unknown.
The incident is a stark reminder about the importance of cybersecurity to protect the integrity of supply chains, a reminder which should never fade.
It’s because last week’s cyber attack was not the only one.
Levi Strauss & Co., a leading apparel company, informed its customers on Friday (June 21) that attackers had gained access to up to 72,000 shoppers’ information via an automated credential-stuffing attack. The bad actors obtained names, saved delivery address, order histories and email addresses. They also got partial payment information.
Read more: Cyberattack on software provider stalls out US car dealer sector
The digital threat landscape continues to expand
This summer has seen a flurry of cyberattacks against critical infrastructure. The attacks on Levi and CDK Global are just the tip.
As PYMNTS previously reported, operations at a number of London hospitals were disrupted on June 3rd after lab services provider Synnovis had been targeted by a ransomware.
Due to the theft of data, hospitals affected postponed more than 1,100 planned surgeries and 2,100 outpatient appointments.
According to a BBC report, a cybercriminal gang claiming responsibility for the disruption shared almost 400GB worth of sensitive data, including patient names, dates and births, NHS numbers, and descriptions of blood tests, on their darknet website and Telegram channel.
Reuters reported that Advanced Micro Devices (AMD), a company that manufactures computer chips, said it was investigating claims of a cyber-hack by a cybercriminal group. AMD believes a limited amount of information related to the specifications used to assemble some AMD products were accessed through a third party vendor site.
Mike Storiale is the vice president of innovation at Synchrony and told PYMNTS that “identity thefts, phishing, and data breaches are all more common.”
See also: New NIST Playbook Offers Recovery Techniques as Data Breaches Proliferate
Cybersecurity After Action Programs
PYMNTS wrote that many of the fundamental challenges organizations face in maintaining data security are due to the sheer volume of data they hold, the different ways users can access it (on-site or remotely, on a computer or mobile device), and the possibility of valid user credentials getting compromised by unauthorized users.
Erik Sallee, the CFO of XiFin told PYMNTS that cybersecurity has been a concern for many years. There’s no other way to deal with it than by blocking and tackling. Doing the right thing each day, keeping your systems updated, working with good vendors and investing in it. It’s an investment that will save you money, but you must understand it and not short-change it .”
Businesses must implement cybersecurity awareness training and conduct vulnerability assessments to identify and mitigate any potential weaknesses. Businesses can also develop and maintain a comprehensive incident-response plan (IRP) which outlines procedures to identify, contain, eradicate and recover from cyberattacks such as data breaches.
“The No. Rosa Ramos Kwok, managing Director and Business Information Security Officer for Commercial Banking at JPMorgan, told PYMNTS that the No.