Compliance Today (July 2020):
An April 14 survey conducted by Gartner of 145 legal and compliance leaders found that more than half of the respondents rated cybersecurity and the possibility of a data breach as the third-party compliance risk that has increased the most during the pandemic.
There are two primary reasons for the uptick: the opportunistic nature of hackers, who may take advantage of the pandemic to penetrate networks while employees are preoccupied, and the sudden and dramatic increase of remote systems connected to sensitive networks.
The United States Department of Defense recognized the risk and created a portal with a list of best practices and guidance for maintaining cybersecurity. Organizations should be taking this opportunity to review cybersecurity best practices, protocols for maintaining secure remote networks, and, most importantly, patching and updating all software and keeping an eye out for reported vulnerabilities and bugs. Organizations can also consider cross-departmental training to prepare an efficient data breach response protocol.
1 Gartner, “Gartner Says 52% of Legal & Compliance Leaders Are Concerned About Third-Party Cybersecurity Risk Since COVID-19,” news release, April 24, 2020, https://gtnr.it/2SA3taH.
2 Sascha Matuszak, “Department of Defense Cyber Exchange creates telecommuting guidance portal,” Report on Supply Chain Compliance 3, no. 9 (April 30, 2020), https://bit.ly/35FM8Tf.
3 Sascha Matuszak, “Recent data breaches have compliance professionals asking, ‘What can I do better?’” Report on Supply Chain Compliance 2, no. 15 (August 15, 2019), http://bit.ly/2wvMxKm.
4 Sascha Matuszak, “Prepare for the worst: Interdepartmental crisis training improves data breach response efforts,” Report on Supply Chain Compliance 2, no. 16 (August 29, 2019), http://bit.ly/39vfswo