This website uses cookies. By navigating around this site you consent to cookies being stored on your machine

How to Manage Your Supply Chain Cyber Risk

Head of Cyber Security Consulting Practice, BAE Systems
Modern supply chains allow companies to work together to deliver products and services at greater speed and lower cost. To do this, organisations often integrate their data and systems with their suppliers. But what if those suppliers are breached?
BAE Systems Supply Chain AssuranceAs technology and cyber security solutions develop and improve, so too do the techniques and routes hackers use to infiltrate their targets’ networks. Modern supply chains allow companies to work together to deliver products and services at greater speed and lower cost. To do this, organisations often integrate their data and systems with their suppliers. But what if those suppliers are breached? According to our recent Cyber Defence Monitor research, around one third of C-level executives fear that a vulnerability within their supply chain network will be responsible for a successful cyber-attack on their own organisation.
 
Suppliers and their integration are vital to the success of every business. They increasingly have privileged access into their customers’ systems and this makes it both easier to do business, but also makes them a natural target for attackers looking for an easy way in to steal business secrets and customer data. This is especially true where smaller suppliers can’t match the resources and skills of their larger customers when it comes to cyber defence. If they are breached, attackers can use this integration to more easily gain access to connect organisations.
 
We’ve seen first-hand evidence of this in the recent case if Operation Cloud Hopper, where well-resourced attackers targeted and successfully infiltrated business process and IT outsourcers, to gain access to their customers’ networks.
 
Having a Supply Chain Assurance service in place will tackle the security risk of integrated supply chains without creating labour intensive supplier management problems in the process. Businesses using Supply Chain Assurance have better visibility of supply chains and the confidence to continue operation securely.
 

A good Supply Chain Assurance service should offer:

  • Managed Assessments: End-to-end security assessments take the hard work out of assuring your supply chain partners.
  • Compliance with confidence: The results are clear; total visibility of your supplier chain and the confidence to continue your business securely.
  • Risk Led Approach: Improve the governance of the supply chain, identify risks systematically and build a risk-led assurance framework.
  • Scale and Expertise: Establish a global supply chain assurance capability that meets business needs.
  • Efficiency through Automation: Invest in optimising process with a breadth of capability, delivering an automated process with real time results.
 
Having a robust Supply Chain Assurance service in place provides organisations with the tools required to quantify and understand the risk they are exposed to through their supply chain – one of the most vulnerable and underestimated network entry points.
 
For more information on Supply Chain Assurance, visit:
 
top
Robin Oldham Head of Cyber Security Consulting Practice, BAE Systems January 16, 2018