Nextifying Supply Chains
In our fast-moving globalised world every organisation, whether for profit and non-profit have to compete for market space. The only way to often stay ahead is to implement new technology to improve service and efficiency.
In our race to get ahead in “Information technology” we’ve compromised “information” for the sake of technology. We’ve put more data in the cloud, acquired faster fiber to access it, and used more and more applications to create and share it without considering who has access to it.
Daily we hear stories of GDPR breaches (In a Nextified world that stands for Give Data Proper Respect 😊) where high-profile companies are increasingly being devastated by cyber-attacks that cause financial losses and that damage their brand reputation.
“We cannot continue to hyper-speed technology and communications without mitigating the cybersecurity risks”
– Phylip Morgan, Cynext.
From Financial Services, Airlines, Retail, Legal, Accounting, Healthcare, the list is endless – organisations are struggling to protect the confidentiality, availability and integrity of data. Information security has become more complex due to innovations involving big data storage, predictive analytics, and the use of cloud-based solutions.
E-services and tools such as e-sourcing and automated procure-to-pay systems complicate matters further. Over and above all of this, there is the people problem. There are many weak links in the supply chain including importers, foreign manufacturers, agents, transport companies, and third-party logistics service providers. Hackers, whose main objective seems to hold organisations to ransom, can infiltrate any of these layers.
Lack of Awareness Among Employees
Third Party Suppliers
Your company may have a cyber-security risk strategy but what about your key suppliers that can access your systems? Smaller companies contracted to larger companies are often targeted because they are more vulnerable. A niche company supplying vital goods or services may have access to important information and only have a very immature approach to data security.
The next problem is your suppliers’ suppliers, also called tier 2 suppliers. You may have addressed security weaknesses in your own proprietary software but the problem may lie with your solutions providers. Poor information security practices by lower-tier suppliers can sink companies. .It is estimated that over a third of corporate IT breaches are via third-party suppliers.
Cyber-attacks can lead to intellectual property breaches, sub-standard or interrupted operations, sensitive data custody breaches, and decreases in service level to final customers.
Software Solutions Providers
Mitigating the risks
- Create a cyber-crisis team to be first responders. Re-arrange resources and develop contingency plans thereafter
- Train people to follow security procedures and educate them about the risks
- Improve processes e.g. due diligence for new suppliers must assess cyber risk
- upgrade internal technology. Tight guidelines for supplier access are a strong defense