Supply Chain Risk – Cyber Risk in Perspective

We have several new briefing papers to bring you in the early part of this year, written by Peter Smith.

Today, we’re delighted to bring you a paper sponsored by riskmethods, who provide a leading supply chain risk management platform that helps users manage risks and provides real-time risk alerts to enable organisations to handle risk events better. Our short paper is titled “Cyber Attack – What It Is and Why You Should Care”.

We wrote five short briefing papers back in 2017/18 with the firm, covering geo-political risk, man-made risks (strikes, etc), reputational risk, supplier financial risk and natural disasters. These are still available:

The Most Effective Ways to Mitigate Supplier Financial Risk

Corporate Image & Compliance at Risk: How to Mitigate the Hidden Risks Lurking in Your Supply Chain

Natural Disasters – How to Mitigate Unavoidable Risks

"Man-Made" Risk - Different Risks Require Thoughtful Strategies

Geo-political Risk - An Informed Global View Is Essential

Now, the latest in the series is all about cyber risk.

Cyber risk has really come to the forefront of our minds in the past few years, in a domestic / consumer context as well as for organisations, both commercial and public sector. As the 2017 Allianz Risk Barometer said, “For the fourth year in succession businesses are more concerned about cyber incidents. The threat now goes far beyond hacking and privacy and data breaches, although new data protection regulations will exacerbate the fall-out from these events for businesses. Technical IT failure or human error can also result in costly damages”.

The risks can come from cyber attacks and issues related to our organisation directly – so that might be in a commercial setting with hackers trying to access our customer information, or it could mean the inappropriate use of private data on social media platforms for political and economic ends.

But increasingly organisations need to worry about the cyber risks to our suppliers and supply chains which can then impact us as the customers of those organisations. Indeed, often the link between our organisation and the supplier is blurred, as is the blame for any problem; data may be stolen from “our” website or database, but that might be done through another firm who provided an app, widget or other tool within our site. (That looks like it may have happened in some of the recent large-scale data thefts from household name corporates.)

In the paper, we take a look at the drivers behind the risk, whether it is malicious, driven by economic gain, or the “kids in the bedroom” hacking into complex systems just to show off to their like-minded friends. We then take a brief look at the consequences for organisations; we hardly feel it is necessary to emphasise how serious these can be, in reputational and financial terms.

Then, and perhaps most importantly, we take a look at suggested actions and mitigation strategies that organisations should consider in order to put appropriate risk management plans in place to address cyber risk. As always, it is impossible to make the risk totally disappear, but there are clear approaches which can mitigate, reduce or manage those risks.

So, do download the paper here, free on registration, and we will be back with some extracts soon.
