How secure is your supply chain?

If you're like many organizations, your security focus is on protecting email, financial data and customer data. What if your greatest threats come from your vendors and supply chain?

pulling companies apart chain broken

Today’s global supply chains carry risks that run the gamut from pirates off the coast of East Africa to bad guys tampering with goods in transit. And international supply chains also put companies at risk of violating legislation and policies mandating corporate social responsibility. How can you company make responsible decisions for your supply chain under these conditions?

Improving the security of the global supply chain system is a key part of the strategy. With billions of dollars of goods at stake, many companies are working at solving the problem. Blockchain firms like Skuchain have developed ways to secure supply chain information to improve tracking. Other firms like CNL Software and Esri focus on improving the security process at key facilities like ports and warehouses. And firms such as Fleetmatics, Shaw Tracking and Optical Lock are working on securing the “moving supply chain” of trucks, railways, ships and planes. Whether your supply chain includes service providers, software services or goods, there are important risks to be mitigated.

Rising security expectations

Outsourcing was once a simple value proposition for organizations: Move work to a vendor to achieve cost savings. But the landscape has changed. “The National Institute of Standards and Technology (NIST) has proposed adding cyber supply chain risk management to the Cybersecurity Framework,” says Edna Conway, CSO for global value chain at Cisco. “A mandate by the Federal Energy Regulatory Commission has resulted in electric system bulk operators to develop security controls for supply chain management for industrial control system hardware, software, and services,” Conway adds. In addition, a draft executive order from the Trump administration may require heightened security requirements for suppliers serving the U.S. government.

What do these new standards and policies mean for technology leaders? Solving this situation will require a close review of current vendor contracts regarding security, audit and subcontracting provisions. If your organization uses vendors on a “white label” basis, then the vendor’s cybersecurity measures have to measure up to these new standards. Start the review process now before fines, regulations and public failures force the issue.

Reducing theft

Each year, theft and fraud result in serious costs and delays for both companies and governments. Steady increases in global trade volumes mean that traditional border security methods such as random spot checks have limited effectiveness. At the same time, governments are under pressure to do more with less. In this environment, improving supply chain security technology plays a vital role.

Governments take a critical interest in supply chain security for financial and security reasons. If trade evades official channels, governments lose revenue and the ability to enforce their policies. “In Kenya, Savi provided a sensor and software solution to its customer SGS, which ultimately benefit the government,” says Vicki Warker, CMO at sensor analytics providerSavi. “SGS provides the OMNIS cargo tracking system to the Kenya Revenue Authority to secure transit shipments and detect and deter theft. In one year, SGS has helped the Kenya Revenue Authority reduce theft by 81 percent,” adds Warker. The hardware involved also includes electronic locks that record attempts at unauthorized access. By reducing cargo theft, Kenya gives businesses with a supply chain footprint in the country added confidence. 

To continue reading this article register now

7 secrets of successful remote IT teams