The recent cyber-attacks on US-retailers Target and Neiman Marcus have brought security risks to the spotlight.
According to various reports, technology failure and cyber-attacks represent a bigger threat to most businesses than adverse weather, fire and social unrest combined. In fact, according to a study by the Center for Strategic Studies and security software maker McAfee, cybercrime costs the United States economy about $100 billion each year.
Intellectual property is among the primary targets for such security breaches – particularly for those industries in which competition is fierce for that next new product. A recent example of this allegedly involved three of the largest medical device companies – Medtronic, Boston Scientific and St. Jude Medical. Very disturbing was the fact that these companies were not even aware of the intrusions until federal authorities contacted them.
However, this apparently is not surprising. According to the CEO of the Information Security Forum (ISF), Michael de Crespigny, many companies are not fully aware of the scope and seriousness of the issue.
So how can a company protect itself from cyber-attacks? Look towards the supply chain.
The globalization of supply chains has resulted in increasing risks – weather, political, economic etc. – along with these risks, the number of suppliers have increased for many companies. For example, as of 2012, Apple had about 156 global suppliers whereas Qualcomm had 759 global ones.
The very nature of global supply chains calls for visibility, collaboration including exchange of sensitive information with multiple partners, some of them several tiers removed from the manufacturer. The ability to protect data can be highly variable. A report published by the ISF notes that although sharing information with suppliers is essential, it also increases the risk of that information being compromised.
To mitigate risks, identify which suppliers pose the greatest risk for data theft. A process and auditing standard such as ISO 270001 can help. It takes companies from basic risk assessment through policies for managing information, communications, human resources, physical sites, business continuity and compliance. ISF has also developed its Supply Chain Information Risk Assurance Process (SCIRAP), which assist companies assess suppliers in order to identify the riskiest contracts.
An interesting project is underway at Ford Motor Company along with its partner, Achilles, in which it is mapping its global supply chain to identify and mitigate potential risks. According to the company, the goals of the project are to:
Ensure supplier data is accurate.
The project has now been expanded to invite Tier 1 suppliers to provide information about their operations.
As more and more supply chains expand and globalize, risks will increase. Among the biggest risks is cybersecurity. Investments to combat this rising risk are growing and according to Allied Business Intelligence, global cybersecurity spending by critical infrastructure industries was expected to hit $46 billion in 2013, up 10% from a year earlier. Expect this amount to grow even quicker in 2014.
There are mixed messages in the economic data as we enter the last quarter of the year. What does this mean for the economy and logistics industry in the run up to 2015?
In today’s up and down economy every shipper is looking to find strategic advantages over their competition. The biggest hurdle for logistics and transportation managers continues to be, how I get my product to my customer in the most cost effective, reliable, and quickest way.
There’s not a lot being said about the robotization that’s already taking place in the transport sector. Naturally it will help make up for the anticipated shortage of personnel in the logistics labor market. But I predict that, ten years from now, 9/10 DCs are going to be obsolete. It’s time to chart a new strategic course and prepare our distribution networks for a new industrial revolution.