Companies must be sure they are getting the best possible technological solution for their supply chain-based business. A recent report from Guy Carpenter found that technology failure and cyberattacks will be more damaging to these organizations than other disasters. In fact, weather, fire and social unrest combined do not present as great a risk as some of the problems the cyberworld may bring, according to the "Tomorrow Never Knows" report. Whether adopting a new barcode scanner, automated data collection solution or other technology, enterprises must keep security in mind.
"It is critical that [companies] are prepared to anticipate and react to a rapidly changing and uncertain risk landscape," says David Flandro, global head of business intelligence for Guy Carpenter. "We are observing the rise of many new risks as technological, economic and scientific advancements are made. Only by analyzing and seeking to better understand these risks can we mitigate the element of surprise."
The report said the immediate risks associated with cyberattacks can run the gamut from legal liability to security and privacy breaches. Even reputational damage can result from such attacks. Supply chain management systems are critical to helping companies work in the modern age, but the Guy Carpenter report said picking the wrong system, not securing it and failing to implement it correctly can cause an influx of threats. Even major weather events are outpaced by technology failures as a major force that can disrupt the supply chain.
Risk Management a Must for the Supply Chain
Eric Chabrow wrote on BankInfoSecurity that the National Institute of Standards and Technology released a report last year that gave some best practices for protecting against risk in the supply chain. First, companies must identify any possible elements, processes or factors that may be unique or pose a threat to the business. After this, access and exposure within the supply chain should be limited and there should be a record of what has happened across the supply chain, step-by-step. This means a list of where files come from and who made changes.
At this point, companies should share information with only the most stringent limits, always perform supply chain management awareness and train employees to minimize risks.
"A strong supply chain risk mitigation strategy cannot be put in place without significant attention given to training personnel on supply chain policy, procedures and applicable management, operational and technical controls and practices," Chabrow wrote.