• Advertise
  • Contact Us
  • About Us
  • Supplier Directory
  • SCB YouTube
  • Login
  • Subscribe
  • Logout
  • My Profile
  • LOGISTICS
    • Air Cargo
    • All Logistics
    • Express/Small Shipments
    • Facility Location Planning
    • Freight Forwarding/Customs Brokerage
    • Global Gateways
    • Global Logistics
    • Last Mile Delivery
    • Logistics Outsourcing
    • LTL/Truckload Services
    • Ocean Transportation
    • Rail & Intermodal
    • Reverse Logistics
    • Service Parts Management
    • Transportation & Distribution
  • TECHNOLOGY
    • All Technology
    • Artificial Intelligence
    • Cloud & On-Demand Systems
    • Data Management (Big Data/IoT/Blockchain)
    • ERP & Enterprise Systems
    • Forecasting & Demand Planning
    • Global Trade Management
    • Inventory Planning/ Optimization
    • Product Lifecycle Management
    • Sales & Operations Planning
    • SC Finance & Revenue Management
    • SC Planning & Optimization
    • Sourcing/Procurement/SRM
    • Supply Chain Visibility
    • Transportation Management
  • GENERAL SCM
    • Business Strategy Alignment
    • Education & Professional Development
    • Global Supply Chain Management
    • Global Trade & Economics
    • HR & Labor Management
    • Quality & Metrics
    • Regulation & Compliance
    • SC Security & Risk Mgmt
    • Supply Chains in Crisis
    • Sustainability & Corporate Social Responsibility
  • WAREHOUSING
    • All Warehouse Services
    • Conveyors & Sortation
    • Lift Trucks & AGVs
    • Order Fulfillment
    • Packaging
    • RFID, Barcode, Mobility & Voice
    • Robotics
    • Warehouse Management Systems
  • INDUSTRIES
    • Aerospace & Defense
    • Apparel
    • Automotive
    • Chemicals & Energy
    • Consumer Packaged Goods
    • E-Commerce/Omni-Channel
    • Food & Beverage
    • Healthcare
    • High-Tech/Electronics
    • Industrial Manufacturing
    • Pharmaceutical/Biotech
    • Retail
  • THINK TANK
  • WEBINARS
    • On-Demand Webinars
    • Upcoming Webinars
    • Webinar Library
  • PODCASTS
  • VIDEOS
  • WHITEPAPERS
Home » Blogs » Think Tank » How to Approach Cybersecurity Through Tech, People and Processes

Think Tank
Think Tank RSS FeedRSS

How to Approach Cybersecurity Through Tech, People and Processes

Securing Supply Chains
Computer code and text displayed on computer screens. Photo: Bloomberg.
March 18, 2021
Vijaya Rao, SCB Contributor

The evolution of supply-chain networks over the years has largely been driven by technology. Organizations of all sizes are moving to the digital space, some compelled by the disruptions in the last year. While businesses build cybersecurity fortresses for themselves, there are several vulnerabilities at touchpoints with manufacturers, suppliers, global partners and other service providers to consider. Threats are lurking around such parties, waiting to breach security at the first chance.

Cybersecurity has matured to a certain extent for larger enterprises, although focused within the perimeter of the organization. There exists a lack of governance and control over individual departments dealing with other entities in the ecosystem, many of which are smaller businesses that are low on their cybersecurity strength. These are favorable entry points for hackers.

With the advent of disruptive technologies such as driverless vehicles, robotic process automation, and end-to-end digitization, the cybersecurity boundaries between organizations are getting blurrier. About 80% of reported breaches occur in supply-chain networks. Wherever your organization appears in the supply chain, if you’re connected, you’re at risk.

Supply-chain threats include denial of service, data leaks, customer data thefts, disruption of business, and other malware attacks such as ransomware. As it goes, the supply chain is as strong as its weakest link.

Approaching cybersecurity in the supply-chain network should be seen through three lenses: technology, people and process.

Technology

The entire supply chain needs to be included in cybersecurity protection, mitigation, and response plans. Response and recovery should not be limited to internal technology setups.

The adoption of cloud technology, internet of things (IoT) devices and virtual servers opens up new vistas for breaches. Ensure proper cybersecurity procedures such as two-factor authentications and biometric access control across all internal as well as third-party systems. Risk mitigation and recovery plans must be documented as a standard process.

Using open-source software could be a source of threats, and adequate monitoring must be planned for these setups.

Blockchain technology is an emerging trend which has the potential to enhance transparency and efficiency, along with a high level of data-security across multiple trading partners. It can enable better visibility of product, data and financial flows throughout the supply chain. It is largely adopted by businesses with complex operations and its real impact is yet to be seen. Experts believe that organizations at the very least should evaluate the viability and potential benefits of blockchain.

People

All employees and  trading partners should be included in the security framework. Clear roles and responsibilities for all personnel and third-party entities in protection, detection, and response and recovery measures are essential.

Bring-your-own device (BYOD) policies are a major source of malware and phishing in the supply chain, and need to be a key focus.  No personnel-owned device should be allowed to connect to the corporate infrastructure without channeling them through a virtual private network (VPN).

Process

Establish processes for due diligence of the cybersecurity posture before onboarding any new entity in your ecosystem. Regular monitoring to ensure compliance of processes by all entities is essential to ensuring the capability of the recovery and response plan.

Threat intelligence dissemination is another factor that can make a huge difference to the overall cybersecurity process, but has yet to mature as a standard practice.

Establish processes to remove access for third parties after the contract is completed, as this has been an expensive mistake for many businesses.

Companies need to implement corporate-wide data-access guidelines and standards, especially when sensitive data is being shared across organizations. 

Monthly server and network audits help keep a good trail of all special and admin access.

Following are some key guidelines to keep in mind as you develop a security plan for the entire network of trading partners.

  • It won’t work if it isn’t a collaborative effort. You need to encourage and educate smaller businesses that you work with on cybersecurity threats. SMBs in turn can seek support from their larger partners.
  • Supply-chain experts promote the idea of assuming that a breach is going to occur sooner or later, so having a cyber resilience plan is a must-have today.    
  • There still doesn’t exist a broad framework that would support all sizes of businesses when it comes to supply-chain cybersecurity management. However, suppliers and other parties can carry out  independent and standardized verification initiatives.
  • Penetration testing can eliminate known and potential vulnerabilities.
  • A central team or manager should be established that regularly monitors the cybersecurity setup for the entire supply chain, to prevent “silos” of unmanaged network.
  • Companies should consider the use of artificial intelligence to detect threats and breaches more proactively, and activate response systems in time.

Vijaya Rao is founder and CEO of TechVio, an I.T. services firm.

Business Strategy Alignment Quality & Metrics Regulation & Compliance Supply Chain Security & Risk Mgmt

RELATED CONTENT

RELATED VIDEOS

Subscribe to our Daily Newsletter!

Timely, incisive articles delivered directly to your inbox.

Popular Stories

  • A WOMAN STANDS WITH A TABLET COMPUTER IN A WAREHOUSE, SURROUNDED BY SYMBOLS FOR SHIPPING METHODS

    Five Tactics for Enabling Smart and Sustainable Supply Chains

    Data Management (Big Data/IoT/Blockchain)
  • A MEXICAN FLAG FLIES IN A RISING SUN

    Mexico’s Future as U.S. Go-To Trade Partner Depends on Investment, Infrastructure

    Logistics
  • A WOMAN IN HER LIVING ROOM GESTURES IN DISMAY ON THE PHONE OVER AN OPEN SHIPPING BOX

    Using Artificial Intelligence for Returns Management

    Reverse Logistics
  • A close-up of solar panels can be seen in front of a sunset. Photo: iStock.com/JONGHO SHIN

    Is the Biden Administration Undercutting Its Own Policies on Chinese Solar Imports?

    Sourcing/Procurement/SRM
  • On-Demand-Webinar-Deloitte-Ep1of6-Sep-26.jpg

    Navigating to Net-Zero: Procurement's Role in Supplier Emissions

    Webinars

Digital Edition

Scb august 2023 lg

2023 100 Great Supply Chain Partners

VIEW THE LATEST ISSUE

Case Studies

  • JLL Finds Perfect Warehouse Location, Leading to $15M Grant for Startup

  • Robots Speed Fulfillment to Help Apparel Company Scale for Growth

  • New Revenue for Cloud-Based TMS that Embeds Orderful’s Modern EDI Platform

  • Convenience Store Client Maximizes Profit and Improves Customer Service

  • A Digitally Native Footwear Brand Finds Rapid Fulfillment

Visit Our Sponsors

Antuit Zebra Anvyl AutoStore
BEUMER Group Blue Ridge Global Brother
CHEP Cleo Coenterprise
Data Capture E2open Enveyo
Eva Air ForwardX Robotics Frayt
GAINSystems Generix Geodis
GEP Global Supply Chain Marketing Summit GreyOrange
Here Holman Logistics Infor
Inmar Kinaxis Lexis Nexis
Locus Robotics Logility LogistiVIEW
Lucas Systems MCA Connect MPO
Old Dominion OneRail Overhaul
PartnerLinQ (Visionet) Port of Virginia Ryder E-commerce by Whiplash
Saddle Creek Logistics SAP Shyft
Sourcemap SPS Commerce Tecsys
TGW Systems Thomson Reuters Veho
Verusen Walmart Workshop
  • More From SCB
    • Featured Content
    • Video Library
    • Think Tank Blog
    • SupplyChainBrain Podcast
    • Whitepapers
    • On-Demand Webinars
    • Upcoming Webinars
  • Digital Offerings
    • Digital Issue
    • Subscribe
    • Manage Your Subscription
    • Newsletters
  • Resources
    • Events Calendar
    • SCB's Great Supply Chain Partners
    • Supplier Directory
    • Case Study Showcase
    • Supply Chain Innovation Awards
    • 100 Great Partners Form
  • SCB Corporate
    • Advertise on SCB.COM
    • About Us
    • Privacy Policy
    • Contact Us
    • Data Sharing Opt-Out

All content copyright ©2023 Keller International Publishing Corp All rights reserved. No reproduction, transmission or display is permitted without the written permissions of Keller International Publishing Corp

Design, CMS, Hosting & Web Development :: ePublishing