Page 68 - index
P. 68
Cybersecurity is key for supply chain management
By Todd Weller, VP, Corporate Development, Hexis Cyber Solutions
Today's supply chains are almost completely reliant on mobile technologies and Internet-
connected equipment that provides valuable feedback to companies.
The new, futuristic look of the modern supply chain may be attractive for what it contributes to a
business's bottom line, but the near infinite number of
endpoints leaves companies vulnerable to
cyberthreats.
In addition, for businesses large and small, it's
considered a good strategy to outsource everything
that's unrelated to the core competencies of the
company.
Rather than invest the time and money to improve a
part of the operation, many enterprises choose to
work with third-party vendors to help complete their
supply chains. Yet again, cybersecurity becomes an issue as the vulnerabilities of one business
in the supply agreement can lead to attacks elsewhere.
Supply chain vulnerabilities may lead to insider threats
As Paul Martyn, a supply chain expert, wrote in an op-ed on Forbes, what makes all of this so
troubling is that it sets businesses up to be attacked from within.
For example, Martyn explained that the revelation that millions of Samsung Galaxy phones have
glaring security problems could be a major threat to enterprises whose employees use the
phones.
According to a recent article, the flaw allows attackers to take control of the phone, query an
authorized server to see if software updates are available and then send malicious code to the
server that can grant the hacker access to privileged information.
Given the growing prominence of mobile devices in supply chain operations, it's obvious that
these kinds of weaknesses are dangerous to those using these devices. Users throughout the
supply chain can use their mobile phones to access key workflows and data.
Thus, all it takes is for one phone to be compromised before the whole network is at a hacker's
fingertips. Worst of all, perimeter defenses are powerless to stop this kind of attack.
The weakest link can snap the whole chain
Martyn pointed out that enterprises' reliance on their vendors and the ubiquity of electronic
communication leaves every part of the supply chain vulnerable.
68 Cyber Warnings E-Magazine – July 2015 Edition
Copyright © Cyber Defense Magazine, All rights reserved worldwide
