flevyblog

Flevy Blog is an online business magazine covering Business Strategies, Business Theories, & Business Stories.
MANAGEMENT & LEADERSHIP STRATEGY, MARKETING, SALES OPERATIONS & SUPPLY CHAIN ORGANIZATION & CHANGE IT/MIS Other

Isn’t It Time to Think about Cybersecurity?

castle-538722_960_720Computer security, also known as cybersecurity or IT security, is security applied to computing devices such as computers and smartphones, as well as computer networks such as private and public networks, including the whole Internet.

With all the discussion on the internet of things (IoT) and the network of sensors, robotics, RFID and software connected to the cloud, visibility, tracking, scanning and mobility to help supply chains respond to all the data and make it more usable, cybersecurity becomes a big challenge.

Gartner projects that by 2020 there will be 26 billion “things” connected within the IoT, supply chain visibilities are endless. Cybersecurity risks lie in each of these 26 billion things. There can be breeches in any one of these links. Solutions to security issues become paramount.

There is no single solution. Brainstorming needs to be done by the best professionals in the field to come up with alternatives to manage cybersecurity. Professionals are saying that 100% security is impossible, as not all cybersecurity risks are malicious or even intentional.

With Enterprise Resource Planning (ERP), supply chain management (SCM), material requirements planning (MRP), Warehouse Management Systems (WMS) and Transportation Management Systems (TMS) and forecasts, tightening security to protect each connection is overwhelming.

You have to be concerned how a third party will protect your data from cybersecurity. There is not a simple solution. Every last component must be secure. The greater the value of sensitive information, the greater that attacker’s effort. More technology and more vulnerability go hand in hand.

Homeland Security states:

Cyberspace is particularly difficult to secure due to a number of factors: the ability of malicious actors to operate from anywhere in the world, the linkages between cyberspace and physical systems, and the difficulty of reducing vulnerabilities and consequences in complex cyber networks. Of growing concern is the cyber threat to critical infrastructure, which is increasingly subject to sophisticated cyber intrusions that pose new risks. As information technology becomes increasingly integrated with physical infrastructure operations, there is increased risk for wide scale or high-consequence events that could cause harm or disrupt services upon which our economy and the daily lives of millions of Americans depend. In light of the risk and potential consequences of cyber events, strengthening the security and resilience of cyberspace has become an important homeland security mission.

Homeland Security Program:

The Stop.Think.Connect. Campaign is a national public awareness campaign aimed at increasing the understanding of cyber threats and empowering the American public to be safer and more secure online. Cybersecurity is a shared responsibility. We each have to do our part to keep the Internet safe. When we all take simple steps to be safer online, it makes using the Internet a more secure experience for everyone.

Now, Healthcare?

Hackers often carry out massive cyberattacks to gain access to financial data through banks and retail companies but this week’s cybercrime hit a seemingly new target: medical data, taken from the health insurance company Premera Blue Cross.  The attack affected 11 million patients, making it the largest cyberattack involving medical information to date.

The healthcare industry has been catching hackers’ attention lately. In February, the health insurance company Anthem reported a breach in which hackers accessed to about 80 million records and in 2014, a Tennessee hospital had 4.5 million records accessed, though both companies said no medical data was exposed. Even so, as Pat Calhoun, the senior vice president of network security at Intel Security, puts it, “the healthcare industry is just beginning to find itself in cyber-criminals’ crosshairs, making it slow to shield people’s records.”

Transportation

Transportation systems are becoming increasingly complex and integrated systems, ones that incorporate numerous intricate control systems and sub-systems that work in tandem. The deepened use of communications and information technology has increased the efficiency and functionality of transportation systems. With this expanded functionality, however, comes a corresponding increase in potential vulnerabilities to transportation technologies. To ensure the safety of the traveling public, transportation agencies will need to learn about cyber security issues and how to develop and implement solid cyber security programs.

Procurement

Follow your procurement processes with an emphasis on cybersecurity risks.

  • Conduct thorough due diligence for new suppliers, accounting for their cybersecurity competence.
  • Consider contractual clauses focused on security, stipulating responsibility for any compromise or data breach and contractually mandate that security clauses apply to sub-contractor(s) in the supply chain.
  • Challenge your suppliers to practice and develop collaborative processes for reacting to compromises or data breaches.
  • Conduct regular information-assurance sessions to identify weak links.

Supply Chain

Companies need total organizational visibility and a plan to enact in case of cyber threats in order to recover. Your supply chain management software has to give you that plan.

The three other suggestions he offers are:

  • Analyze the supply chain for vulnerabilities. Conduct a comprehensive analysis in which each node and component of the supply chain is thoroughly examined. Companies need to be certain that checking for cyber risk is part of the overall security assessment
  • An extra step needs to be taken to ensure the IT department and supply chain team are part of the cybersecurity group discussion.
  • Use the government as a resource. While one company’s supply chain might not be the government’s top priority, its focus on infrastructure from a cyber-risk perspective certainly meets with corporate interests. There is a program between the Department of Homeland Security’s Office of Cyber Security & Communications and the National Institute of Standards and Technology. They are developing a voluntary set of cyber security standards and best practices for vital infrastructure.

What are you going to do to protect your company from cyber-attacks?

About Charles Intrieri

Charles Intrieri is subject matter expert on Cost Reduction, Supply Chain, and 3rd Party Logistics. He is also an author on Flevy (view his documents materials). Managing his own consultancy for the past 25 years, Charles has helped dozens of clients achieve leaner and more efficient operations. You can connect with him here on LinkedIn or email him directly ([email protected]). Charles also has a presentation Why Lean Fails in a Company? available for free download here.

, , , , , ,




Complimentary Business Training Guides


Many companies develop robust strategies, but struggle with operationalizing their strategies into implementable steps. This presentation from flevy introduces 12 powerful business frameworks spanning both Strategy Development and Strategy Execution. [Learn more]   What does it take to achieve Operational Excellence? Read this guide and learn to build an integrated Business Execution System from Six Sigma Master Black Belt Frank Adler, co-founder of Operational Excellence Consulting. [Learn more]
The Fiaccabrino Selection Process (FSP) is a proven methodology for increasing sales and reducing turnover, developed by "Mr. Roche," Charles Fiaccabrino. Mr. Fiaccabrino is a Sales Executive with over 50 years of experience. [Learn more]   Learn this time-tested approach to Change Management authored by Ron Leeman, recipient of the Change Leader award by the World HRD Congress in 2012. Ron Leeman has been Change, Process and Project professional since 1974. [Learn more]
Recent Articles by Corporate Function

  

  

  

  

  


The Flevy Business Blog (http://flevy.com/blog) is a leading source of information on business strategies, business theories, and business stories. Most articles have been contributed for management consultants and industry executives with over 20 years of experience. If you would like to contribute an article, please email our editor David Tang at [email protected].

Flevy (http://flevy.com) is the marketplace for premium business documents, such as management frameworks, presentation templates, and financial models. Our documents are of the same caliber produced by top tier consulting firms, like McKinsey, Bain, Accenture, BCG, and Deloitte. Learn more about Flevy here.


Connect with Flevy:

   
  


About Flevy.com   /   Terms   /   Privacy Policy
© 2015. Flevy LLC. All Rights Reserved.