Cyber securityĀ riskĀ is among the most critical risks to the supply chain:
āCyber and data privacy breaches are perceived to be the largest threat to the stability of transport and logistics, with the sector facing potential breaches of $2 trillion by 2019.ā[i]
The reality of a cyber-crime is not if, but when, and how damaging it will Ā be.Ā The inevitability of a cyber-attack has forced end-product manufacturers to reassess every element of the end-product manufacturer from product design, outsourcing, and servicing the product.
Cyber securityĀ risks will increase exponentially over the next five years. Ā The challenge is that most products have some type of software.Ā So more often, suppliers are providing critical products with embedded software that has not been sufficiently quality controlled.Ā Huge problem.Ā Counterfeit components, malicious software, or hacktivistsĀ can disrupt the supply chainĀ or at a minimum degrade functionality. Ā Just look at susceptible technology in todayās automobile: automatic collision avoidance, lane-keeping assistance, adaptive cruise control, distance maintenance, front-car collision-avoidance systems, and 3600cameras.
Hacker Attach Risk
HackersĀ can be hacktivistsĀ or nation states.Ā HackersĀ more often are exploiting the digital supply chainĀ to add malware or malicious code that hides in the software companyās core software, installation, or patches.Ā As a result of the Internet of Things (IoT), more hard products have built-in software that are Internet accessible.Ā Ā Supply chain, cyber-attacks focus on these soft targets such as smart refrigerators that are breachable with relatively little effort.Ā As well, the benefits of hacking compared to the amount of effort are high.Ā A hacker can hijack final-customerĀ personal information, core Intellectual Property, financial information, and other core assets relatively easily.
High profile hacker attacks also have become common, just look at Equifax, Securities and Exchange Commission, Deloitte, and many others.Ā This is the new normal for governments and end-product manufacturers.Ā Most importantly, these attacks have unimagined consequences.Ā Aside from losing invaluable informationĀ due to the breach, now executive management heads are beginning to roll.Ā The Chief Information Security Officer and even the Chief Executive Officer may be fired.
Breaches can to have organizational consequences.Ā The perception is that if senior executives cannot control the organizationās most valuable assets, such as Intellectual Property, then does the business know what it is doing. Ā Investors pay attention to their investments and want to know that they are secure.
That is why internal and third-party cyber securityĀ have become paramount issues with end-product manufacturers and government.
[i] āHow Easy Is It for Criminals to Find the Weakest Link in Your Digital Supply Chainā, The Loadstar, April 10, 2016.
Bio:
Greg Hutchins is the principal engineer with Quality Plus Engineering.Ā He is the author of more than 20 books as well as the recently published Supply Chain Risk Management.
Greg is also the founder of:
CERMAcademy.com
800Compete.com
WorkingIt.com
And other start ups.Ā He can can be reached at GregH@QualityPlusEngineering.com or 503.233.1012
Leave a Reply