Fighting Back Against Cyber Thieves
Preventing a cyber attack is nearly impossible, but there are plenty of steps chief supply chain officers can take to bolster their organizations’ cyber resilience and limit the potential of damage.
Gartner research released earlier this year found that 60% of supply chain organizations plan to use cybersecurity risk as a “significant determinant” in conducting third-party transactions and business engagements by 2025.
In other words, chief supply chain officers better get on board with the latest threats. In a recently published Q&A, Brian Schultz, senior director analyst with the Gartner Supply Chain Practice, spoke about the increasing need of CSCO’s to take a greater ownership share in cybersecurity strategy.
“CSCOs are not expected to be substitutes for chief information security officers,” he said. “What they will increasingly be expected to do is have a grasp of how supply chain cyberattacks are evolving, including, for example, more sophisticated attacks that can impact products undetected until they reach the customer. They also need to play a leading role in third-party risk management, as attacks on key suppliers can cause significant business continuity disruptions.”
An advantage CSCO’s have, Schultz noted, is their experience in “coordinating action among many different stakeholders.” Supply chain cyber resilience, he said, depends on the ability to bring multiple stakeholders from both inside and outside the organization together to increase visibility and identify threats.
“We recommend CSCOs build this visibility by identifying the key operational assets that support the organization’s value drivers, assess the impact of a loss of these assets in terms of business costs in lost days of operation and then clearly communicate these impacts to the board and C-Suite,” Schultz said, noting a playbook should be implemented to monitor assets and schedule regular testing of mitigation plans.
In the Q&A, Schultz identified several steps organizations can take to begin building cyber resilience and laid out a four-step plan to create a supply chain third-party risk management program. But, Schultz emphasized that no cyber program is 100% effective.
“The best-case scenario is reaching a state where cyber resilience is in line with the organization’s risk appetite. Once the risk exposures are clarified both for CSCOs and their stakeholders, then expectations for the level of protection can be agreed upon and operationalized,” he said.
Gartner clients can read more on this subject in 3 Actions to Combat Cybersecurity Risks in Your Supply Chain. Nonclients can learn more in the on-demand webinar: 3 Strategies to Defend Your Supply Chain Against Cybercriminals.
Related Article
Article Topics
Gartner News & Resources
Gartner foresees sizeable uptake for next-gen humanoid robots Risk Management: Building resilient supply chains in a risky world Ranking the Top 10 Schools to Learn About Supply Chains Gartner Unveils Top Trends in Supply Chain Technology Major Shift Underway in Logistics KPI Reporting E-commerce Logistics: An endless array of challenges Supply Chain Management (SCM) applications keep the supply chain humming More GartnerLatest in Supply Chain
A Look at Baltimore’s Key Bridge Collapse—One Month Later European Parliament Passes New Law Requiring Supply Chain Accountability Baltimore Continues Bridge Recovery With Opening of New Channel How Shippers Can Prep for Hurricane Season Apple Accused of Multiple Human Rights Violations South Korea Finally Overtakes China in Goods Exported to U.S. UPS Struggles in First Quarter With Steep Earnings Decline More Supply ChainAbout the Author
