Artificial intelligence could help manage risk to the supply chain by flagging threats and predicting disruption.

Cybersecurity risk to global supply chains is increasing. 

In October, data collected by the Boston Consulting Group found that the “number, severity, and sophistication” of cyber attacks is growing. 

As noted by experts at the Ponemon Institute, the problem is reaching a tipping point. They report that 98% of companies have been negatively impacted by a breach that occurred at a company in their network. Similarly, the Microsoft Digital Defense Report 2023 highlighted that a supply chain attack affected 61% of businesses in the past year.

Supply chain complexity is creating cyber vulnerabilities  

The risk of attack, the report notes, is increasing in tandem with the complexity of global supply chains. 

As organisations increase the scope and diversity of their supplier networks to boost resilience, the number of network tiers and endpoints also increases, and so do the supply chain’s points of vulnerability. 

Globalised supply chains are increasingly “often several tiers deep,” notes the BCG report, which adds: “For example, an auto manufacturer’s supply chain includes numerous vendors, manufacturers, service providers, and customers that rely on other suppliers, which, in turn, depend on still other vendors. The auto manufacturer’s many suppliers connect to its digital network.” The organisation therefore also connects to its vendors’ and customers’ digital networks. Adding another layer of risk, the suppliers connect to the company using an array of hardware and software components which were acquired from and serviced by still more third-party vendors.

The upshot is that, in a large, multi-tier supply chain, there are multiple partner entities with varying degrees of proximity to the organisation. However, while the organisation might not have any control over these partners’ security practices, it nevertheless shares in their security risks. “Third parties’ cybersecurity risks are also the company’s risks,” the report notes.

A recent survey of business leaders in Australia conducted by PwC found that more than 75% of respondents believe organisational complexity creates “concerning” cyber risks. However, as PwC Australia Cybersecurity & Digital Trust Partner Cameron Whittfield warns, “While Australian business leaders have raised concerns that too much avoidable, unnecessary organisational complexity poses concerning cyber and privacy risks, some complexities are necessary.”

Managing complexity and cyber risk 

Given the financial and reputational damage that a supply chain breach can cause, leaders need to find ways to remain resilient in the face of cybersecurity threats. Complexity is undeniably a driver of risk to the supply chain.

However, faced with the fact that complex supply chains are, in many cases, necessary, organisations need to find ways of protecting themselves from cyber attack without “thoughtlessly streamlining and simplifying operations and processes,” as Whittfield puts it. 

“Organisations should consciously and deliberately” simplify where possible, he adds, “to protect its systems and data.” However, simplifying the complexities that can be eliminated and protecting the complex elements of the supply chain that can’t be are both significant challenges.

Intelligence sharing can mitigate complexity risk

Whittfield argues that collaboration between ecosystem partners and threat intelligence sharing are vital in the process of securing a supply chain. He emphasises that there needs to be “more effective collaboration, within and between the public and private sectors.” Most importantly, the public and private sectors need to collaborate before, not just after, attacks take place.

“While supply chains are invariably large and complex, it is vital that organisations gain better visibility and more effectively manage their third-party relationships and dependencies. Mapping these relationships and the data held by an organisation is key to increasing cyber resilience and making informed cyber investment decisions,” he adds. 

This collaborative approach is essential when mapping the supply chain in order to locate and minimise risks. Visibility remains a huge problem for supply chains, as 85% of supply chain disruptions originate from indirect Tier 2+ suppliers.
