Tech News, Magazine & Review WordPress Theme 2017
  • Supply Chain Updates
  • GLOBAL NEWS
  • REGIONAL NEWS
  • Industry Buzz
  • CURRENT ISSUES
No Result
View All Result
  • Supply Chain Updates
  • GLOBAL NEWS
  • REGIONAL NEWS
  • Industry Buzz
  • CURRENT ISSUES
No Result
View All Result
United States Supply Chain Management Council
No Result
View All Result
Home Supply Chain Updates

Protecting the Global Supply Chain With Borderless Data

usscmc by usscmc
November 25, 2020
Protecting the Global Supply Chain With Borderless Data
Share on FacebookShare on Twitter

Supply-chain cybersecurity attacks aren’t new, but they’re far from being under control.

A recent study from Resilience 360 found that there were nearly 300 cybersecurity incidents impacting supply-chain entities in 2019. With the average business sharing data with more than 500 third parties, it’s no wonder that the Ponemon Institute reports that roughly 61% of U.S. companies have experienced a data breach within their supply chains.

While geopolitical tensions drove a wide swath of those attacks, 2020 has given way to a perfect storm of opportunity, as COVID-19 has forced a large portion of the global workforce to move to remote work. Organizations from governments to businesses must take responsibility for protecting the data they process and share. With collaboration so crucial to sustaining innovation and productivity, this must be done without stifling the flow of ideas and information, or making systems and processes unworkable.

As COVID-19 hit the U.S. with force in the first quarter of this year, organizations responded by moving employees to remote work nearly overnight. As of June, 2020, an incredible 42% of American workers were conducting business remotely from home and migrating offices. With a highly mobile workforce, and supplier ecosystems that are becoming increasingly complex and globally dispersed, the threat to intellectual property and classified or sensitive information intensifies.

Project teams use mobile and cloud platforms daily to share and store data, potentially exposing it to access by unauthorized users. It’s also being physically carried outside the organization on smartphones, removable hard drives and USB storage devices which are prone to theft and loss. Within this context, data is constantly crossing the boundaries of companies and nations. There’s no longer a clear perimeter to defend.

While deliberate hacks are now commonplace, one of the biggest threats to security remains the theft, loss and misuse of data on the move. Research from Apricorn in 2018 noted that 29% of organizations surveyed had suffered a data breach as a direct result of mobile working. The same research conducted in 2020 shows that more than half of respondents still believe that remote workers will expose their organization to the risk of a data breach.

Further, recent research from Digital Guardian shows a 123% increase in the volume of data downloaded to USB media by employees since COVID-19 hit, suggesting that teams are using removable storage to take home large volumes of data. Unless these devices are encrypted, it’s only a matter of time before we see a spike in data breaches associated with remote worker vulnerability.

A data-centric, policy-based approach to security will protect the information itself, inside and outside an organization’s central systems, both on the move and at rest, while enabling safe communications. The answer lies in a multi-layered approach combining people, process and technology.

Start from within. Security isn’t just about technology solutions. Security awareness training and engagement programs need to extend to partners’ and contractors’ teams. Your goal here is to make all employees aware of the value and risks associated with data, and to both define and reinforce their role in protecting it.

Additionally, put data-security best practices in place, and manage enforcement of them. You can give your organization an advantage by creating practices and policies for how to interact with and secure data. By outlining and enforcing best practices for your team and supply chain, you help to build a culture of accountability.

Think of data in terms of a lifecycle. Having created best practices for working with and securing data, organizations should conduct a comprehensive audit, covering:

  • What kind of data is held, and for what purpose;
  • Who has access to that data;
  • Where does the data flow, and
  • How it’s currently controlled.

This will make it easier to spot areas of non-compliance, pinpoint where data may be unprotected, and identify technologies, policies and processes that can minimize risk exposure.

Enforce security. Set a strategy that includes the documenting and enforcement of policies that control how sensitive data is handled and used, and which are extended to all endpoints, including partners and contractors. Encryption must be a key element of the strategy. If a removable media device ends up in the wrong hands, encrypted information will be rendered unintelligible to anyone trying to access it.

Especially in the “new normal” of remote working, it’s imperative that IT departments research, identify and mandate a corporate-standard encrypted mobile storage device, and enforce its use through whitelisting policies. The device should be pre-configurable to comply with security requirements, such as password strength.

And, because we’re talking about the supply chain, requirements should be written into third-party contracts — setting out, for example, the tools and technologies that must be used, and when they should be updated. Organizations might take an even more proactive approach and set these requirements into the request for proposal (RFP) process, so that expectations are set before a third party is chosen.

Measure, monitor and report. For IT and security teams, the saying “You can’t manage what you can’t measure” is especially apt. The ongoing auditing of compliance, both within the organization and across the supply chain, provides rapid visibility of policy violations, so that they can be addressed through training or disciplinary procedures. Monitoring will also provide a detailed audit trail that allows the organization to demonstrate its compliance position, as well as an accurate record of any non-compliant user behavior.

A combination of technical and organizational measures can help to reduce risk exposure in the supply chain, while allowing the safe exchange and mobility of information as we continue to work from home. Businesses that control their data appropriately can protect confidentiality, national security and their own reputation without compromising efficiency, agility or their competitive edge.

The ever-expanding supply chain, coupled with dramatic changes in how and where we work, means that organizations have to continually focus on third-party security. By creating a strategic data-security plan that audits and measures along the way, with an emphasis on employee awareness and training, we can secure our supply chains despite the elimination of physical borders.

Jon Fielding is managing director at Apricorn, a manufacturer of hardware-encrypted USB data storage devices.

usscmc

usscmc

Recommended.

Families of missing Panama-registered cargo ship make appeal to PCG

Families of missing Panama-registered cargo ship make appeal to PCG

September 17, 2020
Oregon could save $1 billion with e-procurement over time

Oregon could save $1 billion with e-procurement over time

November 19, 2019

Trending.

Port Delays Leave Cargo Ships Stranded off U.S. Pacific Gateways

Port Delays Leave Cargo Ships Stranded off U.S. Pacific Gateways

January 14, 2021
Top 5 Globally Recognized Supply Chain Certifications

Top 5 Globally Recognized Supply Chain Certifications

January 14, 2021
Volatile markets for vitamins, amino acids and freight set to continue into 2021

Volatile markets for vitamins, amino acids and freight set to continue into 2021

December 26, 2020
PS5 Restock Updates, BrickSeek Inventory Checker for Walmart and Target

PS5 Restock Updates, BrickSeek Inventory Checker for Walmart and Target

December 7, 2020
Huge warehouse project kicks off in southern Dallas

Huge warehouse project kicks off in southern Dallas

September 9, 2020
United States Supply Chain Management Council

Categories

  • Global News
  • Supply Chain Updates

Tags

APICS Globally Recognized Supply Chain Certifications IIPMR Certifications International Institute for Procurement and Market Research (IIPMR) ISM Next Level Purchasing Top 5 Supply Chain Certifications top supply chain certifications

Trending

COVID-19 Update: Global Warehousing and Storage Market is Expected to Grow at a Healthy CAGR with Top players: APL,, DHL, Genco, Mitsubishi Logistics, etc.

Robots in the Warehouse: Who’s Your New Friend? | 2021-01-13

New port law to open floodgates for privatisation of operational cargo berths

Last Mile Delivery for Large Items Market – Insights on Current Scope 2026 – SoccerNurds

  • Privacy Policy
  • Terms of Use
  • Antispam
  • Disclaimer
  • Contact Us

© 2021 www.usscmc.com

No Result
View All Result
  • Supply Chain Updates
  • GLOBAL NEWS
  • REGIONAL NEWS
  • Industry Buzz
  • CURRENT ISSUES

© 2021 www.usscmc.com

This website uses cookies to improve your experience. We'll assume you're ok with this, but you can opt-out if you wish. Cookie settingsACCEPT
Privacy & Cookies Policy

Privacy Overview

This website uses cookies to improve your experience while you navigate through the website. Out of these cookies, the cookies that are categorized as necessary are stored on your browser as they are essential for the working of basic functionalities of the website. We also use third-party cookies that help us analyze and understand how you use this website. These cookies will be stored in your browser only with your consent. You also have the option to opt-out of these cookies. But opting out of some of these cookies may have an effect on your browsing experience.
Necessary
Always Enabled

Necessary cookies are absolutely essential for the website to function properly. This category only includes cookies that ensures basic functionalities and security features of the website. These cookies do not store any personal information.

Non-necessary

Any cookies that may not be particularly necessary for the website to function and is used specifically to collect user personal data via analytics, ads, other embedded contents are termed as non-necessary cookies. It is mandatory to procure user consent prior to running these cookies on your website.