top of page

Just 7% of SME's record reviewing risks posed by supply chain

Updated: Apr 16, 2021

With only 4% of micro-businesses, 7% of SME's and 15% of medium businesses having reviewed risks posed by suppliers or partners, do you understand how to assess the cyber risk in your supply chain?

The risks associated with a supply chain attack have never been higher with new types of attacks, and increased oversight from regulators. Meanwhile, attackers have more resources and tools at their disposal than ever before, creating significant resilience challenges for organisations like yours.

Earlier this year Solutions 4IT, a Trusted Partner of the WMCRC were informed by one of their manufacturing clients that a major customer that they deal with had suffered a Ransomware attack.

While there was no indication that the client had been compromised the risk factor had increased as both companies shared documents and emails with each other on a regular basis.

The client is security-aware, and they correctly identified the risk and did the right thing by contacting their provider.

What was the impact upon the business as a result of the ransomware attack?

The customer who was attacked suffered a significant loss of income and reputation but was able to restore their systems from backup within a few days.

How could I prevent my business from falling victim to a similar attack?

When dealing with an attack of this nature it is evident how critical the backup solution is, without an appropriate backup in place the downtime would have been much longer and potentially they would have lost all data that had been encrypted.

It is also critical to ensure your organisation takes steps to ensure security of all systems and have a qualified team in place to react to the incident.

Risks to and from the supply chain can take many forms as seen in this case study the customer failed to adequately secure their systems which could also have compromised the supplier.

How can The Cyber Resilience Centre for the West Midlands help make my business safer?

Led by Policing, we work in partnership with leading industry companies and academia to provide affordable cyber security services so we can grow and strengthen the West Midland’s resilience to online crime and cyber-attacks.

Instead of taking the chance of falling victim to a cyber attack like this, sign up for our FREE core membership which provides:

🔐 Opportunities to learn more about cyber resilience for your business

👍 Support to achieve Cyber Essentials or Cyber Essentials Plus scheme

🛡️ Tips and guidance to help you learn how to procure good value private cyber security professional services

🛠️ Easy access to Government recommended free tools and resources

🕵️‍♂️A newsletter featuring the latest regional and national cyber threats

Our services can help increase your supply chain resilience and reduce your risks, we are currently offering 10% off paid membership or one of our student services when you or any of your supply chain sign up for our FREE core membership.

SIGN UP at and quote web10.


The contents of this website are provided for general information only and are not intended to replace specific professional advice relevant to your situation. The intention of The Cyber Resilience Centre for the West Midlands is to encourage cyber resilience by raising issues and disseminating information on the experiences and initiatives of others.  Articles on the website cannot by their nature be comprehensive and may not reflect most recent legislation, practice, or application to your circumstances. The Cyber Resilience Centre for the West Midlands provides affordable services and Trusted Partners if you need specific support. For specific questions please contact us.


The Cyber Resilience Centre for the West Midlands does not accept any responsibility for any loss which may arise from reliance on information or materials published on this document. The Cyber Resilience Centre for the West Midlands is not responsible for the content of external internet sites that link to this site or which are linked from it.

bottom of page