Organizations have experienced a surge in cyberattacks, with attackers using more sophisticated methods to exploit vulnerabilities. Increasing cybersecurity guidelines and regulations stem from breaches with a high impact on society and bringing more focus on themes such as supply chain risk.

With SolarWinds fresh in mind and fresh in the news, we expected that this breach in particular would  be a wake up call for governmental institutions to work on their concentration risk. The uncomfortable truth, unfortunately, is the opposite in some parts of the world.

At the end of October/ beginning of November threat actors successfully breached the main data centre of the IT supplier of 72 German cities and municipalities, Südwestfalen-IT (SIT).  Security employees found encrypted data on the servers, indicative of a ransomware attack. Containment procedures were initiated to minimize impact and ensure the malware did not spread beyond affected systems. This resulted in limited or no service availability to the affected municipalities such as Plettenberg, Markischer Kreis, Olpe, Siegen and Soest. The city of Plettenberg had to write on their Instagram; “ we cannot yet predict how long the system failure will last. “One week after the attack most municipalities were still out of function and the authorities had to use alternative channels to deliver government services, once of which is an With a demand for ransom this could lead up to several weeks to be resolved”.

Whilst German cities, recover, it shows another spotlight on the dangers of concentration risk. It also highlights why NIS2 and DORA focus so much on making sure impacted entities understand their resilience to supply chain related issues and risks.  Even organizations that are not in scope of NIS2 and/or DORA compliance should be focusing on sharpening up their management of concentration risk in the supply chain.

Security leaders can use Forrester’s Ransomware Survival Guide to define a ransomware strategy. In addition, Forrester’s Zero Trust guidance can help organizations mitigate ransomware risk. And nowadays it is almost impossible to operate without using third parties. Security leaders need to evaluate these risks with a practical lens. Don’t wait for the next global crisis to response to concentration risk! For more insights in the third party risk management platforms visit our latest landscape to help you make better decisions.