4 Steps to Securing Global Supply Chains in a Digital Worldon Wednesday 22 November 2017 Written by Jurga Zilinskiene
Jurga Zilinskiene is the CEO & Founder of Today Translations, a self-taught coder, and keen follower of all things tech. This article originally appeared in the April 2017 edition of COBCOE's Make Europe Work Magazine.
The 2011 hack of the PlayStation Network cost the manufacturer Sony $171 million. That may have been the costliest data breach of all time, and with accusations swirling of interference with global elections, cyber security threats are in the spotlight more than ever. What does this mean for businesses?
Of course businesses must be vigilant, but there is a potential Achilles heel: the supply chain.
We all know the importance knowing your customer, and the same applies to knowing your partner: who are they and can they be trusted, especially when handling information that would expose you to serious risk if it were lost or stolen.
Recent events in Europe and the US, such as the forthcoming Global Data Protection Regulation, are changing the game in business. As companies on both sides of the Atlantic and further afield are looking at new markets and new relationships, here are some steps you can take to ensure your supply chain is both secure and prosperous.
1. Identify the ‘Links’ in your Supply Chain
To use the old adage: a chain is only as strong as its weakest link. That may seem obvious, but the modern supply chain is so complex and varied. Manufacturers, import/exporters, brokers, third-party logistics and warehousing are all potential vulnerabilities. Even if your company’s focus is a service or intangible, you will probably have to involve law firms and translators to trade internationally, and every company has an IT or telecoms provider. Hackers managed to steal credit card details of 110 million customers of the American retailer Target by first using a compromised login from a supplier's IT system.
2. Risk Assessment
You need to be confident in both the physical and cyber-security of all the ‘links’ in your supply chain, from raw material to customer. Once you have a conclusive understanding of all that is involved in your supply chain, you should develop a formal risk assessment process. Understand the risks and threats in each phase, and evaluate each party’s ability to defend against and respond to them. If you need third-party assistance as part of the risk assessment process, due-diligence in a foreign language, for example, make sure you can also trust that third party.
Independent accreditation like ISO 27001 for information security management is an excellent means to assess how prepared your partners really are in the face of such threats.
3. Share Information
Once you are confident of all the companies you are working with, you should, within reason, encourage the sharing of information between departments, companies, and stakeholders within your supply chain.
Not only does sharing information about risks and threats improve the overall security, and therefore stability, of your supply chain, but it also helps build professional relationships and engenders co-operation. Moreover, good relationships with companies in your supply chain will help you deal with any international trade regulations and potential impediments more effectively.
4. Be Flexible and Continuously Improve
Don’t be afraid to try new methods or make changes to your supply chain to improve security and efficiency. If, as part of the risk assessment process, a company within your supply chain is found lacking and is unwilling to change, you need to strongly consider whether your relationship with them is worth the risk they pose.
The digital supply chain is more intelligent, scalable, adaptable, and rapid. Companies that realize more of these advantages will reap the financial rewards. However, the very connectivity that makes it so advantageous also significantly increases risk. Ensure your own company’s security is robust, and build strong relationships with trustworthy partners to build a secure and prosperous supply chain.