Supply chain management is, on one level, a constant struggle to prevent data loss, as the exchange of materials and information leaves companies open to outside attack. A recent Computerworld report stated that supply chain professionals must not stay on pace with cybercrime trends but instead need to keep ahead of them.
The many risks inherent in the supply chain are unavoidable. How companies cope with those risks will be the difference between those that build efficiency and those that suffer costly breaches.
The source spoke with Steve Durbin of the Information Security Forum about the dangers of cybersecurity in general, as well as how it affects the supply chain. Durbin warned that reducing security budgets based on weakness from the economic downturn could be a real danger to businesses' data loss prevention strategies. He emphasized that hackers and data thieves did not suffer through the recession the way companies did. Instead they grew steadily stronger, and lowered security could play into their hands.
"Traditional risk management is insufficiently agile to deal with the potential impacts from activity in cyberspace. While executives recognize the benefits and opportunities cyberspace offers, their organizations must extend risk management to become more resilient, based on a foundation of preparedness," Durbin told Computerworld.
The direct danger to the supply chain is closely tied to the rise of digitization and only increases as companies take on more partners, according to the source. The ISF stated that it expects the outsourcing of corporate functions will further deepen the risk. In the closely connected world of modern supply chain management, a breach suffered by a supplier can leave its partners vulnerable as well, with data communication between the parties in a chain necessary for smooth operation. At a minimum, companies need secure file transfer technology when engaging in B2B integration, preferably with a customized and detailed strategy to back it up.
Logistics expert Omera Khan, writing for Supply Chain Management, echoed the ISF assertions that the digitization of the supply chain presents a likely target for attackers both internal and external. She is currently researching supply chain data loss prevention and has found that few companies have formalized their supply chain security strategies. She has found businesses ill-prepared to cope with infrequent but devastating events such as hacks from cybercriminals or even the harmful effects of a terrorist attack or natural disaster not directly aimed at the company. These competencies and strategies are what companies need to survive the unexpected with their supply chains intact.