Perspective

Cybersecurity and your supply chain

Properly vetting suppliers—and making data security a condition of doing business—can help reduce vulnerabilities to cyberattacks.

By now, everybody on the planet is aware that criminals have at various times hacked into the customer databases of giant retailers like Target and Home Depot, and that even government agencies—including the military—are not immune to such crimes. But what many of us don't realize is that our supply chains are also vulnerable to electronic infiltration.

As Drew Smith, founder and CEO of the computer security company InfoArmor, writes in "Is your supply chain safe from cyberattacks?" in the Q2/2015 issue of CSCMP's Supply Chain Quarterly, global supply chains are highly reliant on the rapid sharing of data among supply chain partners. Yet each of these relationships represents a potential point of access to an organization's proprietary information. Exchanging data with suppliers, it turns out, is risky business.


While Smith's article offers plenty of interesting background, such as the extent of security breaches and the most common types of attack, it's that last sentence that deserves your full attention. Today's integrated, interdependent systems, he writes, are rife with cybersecurity risks. These include the transmission of information to and from vendors; open access to data rather than "need to know" access; frequent changes in suppliers and products; a lack of standardization of security protocols among suppliers and other supply chain partners; and obsolete or infected hardware and software.

Smith argues that cybersecurity should therefore be an integral part of supplier vetting, and that every buyer should require its suppliers to meet specified security standards. "One of the most important and effective steps you can take," he writes, "is to include cybersecurity protocols, conditions, and capabilities in the procurement function's approval criteria for all potential new vendors."

The Home Depot security breach came about because criminals obtained and manipulated vendors' computer credentials. Target was compromised because a service provider failed to follow accepted information-security practices. If cybersecurity standards are not currently included among your vendor-approval criteria, I urge you to circulate Smith's article in your procurement organization, and to conduct a risk assessment soon.
