expert
OPINION
With incidents on the rise , it is vital organisations work with their suppliers to identify supply chain risks and ensure appropriate security measures are in place .
vulnerabilities have exposed enterprises to serviceside request forgery . This is at a time when the annual Digital Leadership Report , a report based on a survey of senior technology decision-makers , cites that 52 % of large organisations have suffered a major cybersecurity attack in the last two years .
“ Cyber incidents can have severe impacts on organisations of all sizes , both in the short and longer term , from causing reputational damage to grinding operations to a halt ,” says Lindy Cameron , CEO of the National Cyber Security Centre ( NCSC ), the UK government ’ s cybersecurity force .
“ With incidents on the rise , it is vital organisations work with their suppliers to identify supply chain risks and ensure appropriate security measures are in place ,” adds Ian McCormack , NCSC Deputy Director for Government Cyber Resilience . Complex supply chains are a fact of modern business , and they rely on output technologies to share and verify information .
Guy Tucker of LRS believes part of the problem is that output is considered a utility , and organisations and their people are unaware of the risks . “ If you have a report that has to be printed , then that can be an open data stream and open data streams must be authenticated ,” he says . Technology analyst house Gartner found in 2022 that 69 % of employees bypass the cybersecurity guidance of their organisation and 74 % will willingly bypass cybersecurity in order to get their jobs done . Output technologies , if not effectively managed , can allow employees to bypass security rules and place the organisation at risk .
Don ’ t overlook output
One of the causes of security risks from output management is that responsibility is often shared between departments . Procurement and facilities management teams often have a large level of output technology responsibility . However , these departments are often governed by pricedriven key performance indicators ( KPI ) and lack data security skills . In the worst cases , some organisations allow business lines to form their own output device supply relationships .
For business technology leaders , the risk is perceiving output management as purely about printing . Whether printed on paper , an electronic tag , or a digital artifact , output matters and needs to be assessed and managed with the same high levels of cybersecurity as email , networks , databases and e-commerce systems .
A strategic approach
Ownership by a single team is not the answer for many organisations . Business outcomes are always a joint endeavour . It is more important that organisations have a strategic approach to output
When output management is often not considered part of the cybersecurity guidance , the threat vector increases . Tucker says output management is all too often overlooked as organisations plan and implement cloud computing strategies . “ An output device is a computer . It is no less powerful than a laptop , so there is a new point of ingress into the network .”
CIO Jevern Partridge agrees : “ People don ’ t think about print security until they have a leak due to something being printed on the wrong device .” Tucker adds that the leak of pop star Britney Spears ’ medical records from the UCLA Medical Center in the USA back in 2008 should have been a wake-up call to organisations . Document security makes a difference .
42 WWW . INTELLIGENTCISO . COM