What can be learnt about the importance of third-party risk management from the 2023 Royal Mail ransomware attack?
LT Harper - Cyber Security Recruitment
Royal Mail’s international shipping of parcels and letters through its post office branches came to a standstill for over a month because of a LockBit cyber-attack in January 2023. The attackers demanded a vast ransom of $80m (£67m) for Royal Mail’s decryption key. Once Royal Mail rejected this demand, the attackers threatened to leak the stolen and encrypted data online.
If a company wants to keep its data secure, it must, among other things, create and uphold a solid third-party risk management (TPRM) operating model to mitigate risk and safeguard against potential threats. Third-party risk management specialists have become crucial in protecting organisations in the fast-paced, continuously evolving cyber security landscape. As a specialist in this vital field, you hold the power to fortify businesses against ransomware breaches.
The Royal Mail ransomware attack has highlighted the need for better ransomware readiness and safeguarding. It also emphasises the importance of third-party risk management, and as a third-party risk management professional, there are several things to consider in order to avoid similar attacks.
Rigorous Vendor Assessment:
If we’ve learned anything from the damage done to Royal Mail, it is that thorough vendor assessments are essential. Vigilantly scrutinising third-party vendors and assessing their security measures is vital in mitigating ransomware risks. Royal Mail’s cyber security protocols were not solid enough, which allowed intruders to steal sensitive data dating back more than a decade from Royal Mail’s systems and threaten to publish it on the Dark Web. Prioritising vendors with strict security standards and robust cyber defence protocols is essential. Implementing a comprehensive evaluation process ensures that only trustworthy and secure partners are entrusted with sensitive data and operations.
Continuous Monitoring and Incident Response Planning:
Ransomware threats are persistent, and their tactics are constantly evolving. Even large organisations like Royal Mail can suffer large-scale cyber-attacks. Companies should have staff who proactively monitor the security procedures of third-party vendors on an ongoing basis. The risk of breaches can be significantly reduced by promptly identifying and addressing potential vulnerabilities. Collaborating with internal and external stakeholders to develop robust incident response plans ensures a swift and effective response during an attempted breach. Timely action can make all the difference in containing the impact of an attack.
Encouraging a Security-Centric Culture:
All companies should advocate a security-centric mindset across all levels of the workplace and among third-party vendors. Everyone should be educated on best practices for cyber hygiene and kept up to date with the latest threats. We should all promote a culture where everyone is a defender against ransomware attacks, for example by regularly updating software and using strong multi-factor authentication. A united front against cyber threats is a company’s strongest defence!
Third-party risk management is pivotal in protecting companies from the devastating impact of ransomware breaches. As the Royal Mail breach shows, proper third-party risk management practices are crucial, because ransomware attacks can happen at any time to businesses of any scale if they lack suitable security measures. We should all take this situation as a learning experience and safeguard businesses against ever-present cyber threats.