Perspective

Cybersecurity and your supply chain

Properly vetting suppliers—and making data security a condition of doing business—can help reduce vulnerabilities to cyberattacks.

By now, everybody on the planet is aware that criminals have at various times hacked into the customer databases of giant retailers like Target and Home Depot, and that even government agencies—including the military—are not immune to such crimes. But what many of us don't realize is that our supply chains are also vulnerable to electronic infiltration.

As Drew Smith, founder and CEO of the computer security company InfoArmor, writes in "Is your supply chain safe from cyberattacks?" in the Q2/2015 issue of CSCMP's Supply Chain Quarterly, global supply chains are highly reliant on the rapid sharing of data among supply chain partners. Yet each of these relationships represents a potential point of access to an organization's proprietary information. Exchanging data with suppliers, it turns out, is risky business.


While Smith's article offers plenty of interesting background, such as the extent of security breaches and the most common types of attack, it's that last sentence that deserves your full attention. Today's integrated, interdependent systems, he writes, are rife with cybersecurity risks. These include the transmission of information to and from vendors; open access to data rather than "need to know" access; frequent changes in suppliers and products; a lack of standardization of security protocols among suppliers and other supply chain partners; and obsolete or infected hardware and software.

Smith argues that cybersecurity should therefore be an integral part of supplier vetting, and that every buyer should require its suppliers to meet specified security standards. "One of the most important and effective steps you can take," he writes, "is to include cybersecurity protocols, conditions, and capabilities in the procurement function's approval criteria for all potential new vendors."

The Home Depot security breach came about because criminals obtained and manipulated vendors' computer credentials. Target was compromised because a service provider failed to follow accepted information-security practices. If cybersecurity standards are not currently included among your vendor-approval criteria, I urge you to circulate Smith's article in your procurement organization, and to conduct a risk assessment soon.
