Supply chain cyber-attacks have caused disruptions across the world. From the UK’s National Health Service (NHS) to hotel chain Holiday Inn, attacks on major businesses are become more prevalent.
In Australia, the data of almost 10 million customers was stolen following a ransomware attack on mobile carrier Optus.
The breach is understood to leading to new Federal Government security measures in the coming days.
Professor Neil Curtis, also a Senior Executive of Cybersecurity for DXC, recently presented to Procurement and Supply Australasia’s Connect members on the dangers facing supply chains and procurement.
Strategic Risk reported that effective risk management is a combination of process, governance and technology.
Types of risks include:
- A core supplier is hit by its own cyberattack, which renders it unable to deliver essential products and services. This faced shipping giant Maersk in 2017
- A vulnerability in a supply chain partner causes a breach to an organization due to the supplier holding sensitive customer information of the customer that gets compromised or because of a breach to a supplier’s systems.
- Organisations suffer a breach due to a vulnerability embedded in third-party products used in their own operation (Strategic Risk).
McKinsey reported supply-chain attacks rose by 42 percent in the United States in the first quarter of 2021, impacting up to seven million people. Read our article on cyber security.
The consultancy alluded to ERP systems, ”the crown jewels” of procurement data and accounting, being particularly vulnerable to attacks.
The pandemic has forced businesses to shift to remote and home-based working models which has in essence forced the hand of digital transformation for businesses.