Disclaimer: The views and opinions expressed in this blog are those of the author(s) and may not reflect the official policy or position of Excelsior College. Excelsior makes no claim regarding the suitability of the content for all audiences.
Today’s supply chain landscape is almost entirely different than it was a decade ago. Increased demand has forced larger businesses to speed up their production. But while production becomes leaner, the rapid dematerialization of their acquisition processes makes corporations high-risk targets for cyberattacks.
Today’s supply chain landscape is almost entirely different than it was a decade ago.
The escalating relevance of the Internet and globalization has dramatically dilated the market. With that expansion there is an climb in consumer demand. Very few organizations are able to make their products entirely in-house and meet production requests. To do so, they must rely on multiple outside suppliers to provide the materials needed. In the e-book, “Cybersecurity in Our Digital Lives”, the National Cybersecurity Institue wrote, “Smaller firms that offer the innovative or specialized capabilities and products essential to maintaining a competitive edge are often not financially positioned to afford adequate defenses, especially if they are being squeezed by customers to lower costs.”
Suppliers are a point of entry
These suppliers are often small to medium-sized companies, and while larger corporations recognize that they are at a high risk of cyberattack, smaller businesses may not. In fact, a 2014 Kaspersky Lab survey reported that 75 percent of these smaller suppliers believe they are not at risk for attack because of their size.
The truth is that cybercriminals are looking for the simplest way to steal information. Larger companies have layers of data protection to prevent attacks. This, in turn, forces cyberthieves to target their under-protected suppliers for access to the information they want. According to Michael de Crespigny, the chief executive officer for the Information Security Forum, 40 percent of the data security breaches organizations experience are the result of an attack on their suppliers.
“40% of breaches are the result of an attack on the suppliers.”
The cost of a breach
These breaches put confidential customer information and processes and technologies that the company has patented at risk. Additionally, they can lead to production disruption, damage to the company’s reputation and the loss of the company’s advantage over its competitors.
Not only do larger businesses stand to lose customers and reputability, they could suffer heavy financial losses as well. The Ponemon Global Report on the Cost of Data Breach reported that the average cost of a cyberattack is $3.5 million. So, while ensuring that cybersecurity is strong across all parts of the supply chain is costly, the price of a breach is far more expensive.
Supply chain security best practices
Before contracting any new vendors, the larger companies should make sure that they meet a minimum security standard. These businesses should also employ reliable network security technologies. Hiring individuals trained in cybersecurity and data monitoring is another smart way to ensure the safety of their data across the entirety of their supply chain.