IT Supply Chains are behind the seamless process of today’s global businesses. These technologies made global sourcing possible, delivering quality products at the best prices. A single company may have multiple suppliers from China, Vietnam, India, Indonesia, and the like. From complex international freight trades to local small business distribution channels, any supply chain has an IT infrastructure. This makes Supply Chain Security a point for discussion.
A supply chain’s efficiency and safety is vital to deliver products on time, while preserving their quality. It’s a must to anticipate events such as the Ukrainian War and Chinese Cities lockdown and be prepared with a strong global network of offshore manufacturers.
Russian Cyber Attacks
Moreover, as the Ukraine conflict escalates, the US and Canada should brace themselves for Russian Cyber Attacks, which have done significant disruption and damage in the past.
The pandemic has also paved the way for Covid-19 scams such as survey scams to collect personal information.
As the IT Supply Chain exists on the internet, it may be targeted by threats such as human errors, system glitches, and malicious attacks.
It is a must to stay protected against data breaches and other attacks. Using strong passwords, multi-factor authentication, storing documents securely, and monitoring bank statements go a long way.
However, when a supply chain’s technology is attacked, it can lead to severe consequences from failure to deliver to compromising customer data.
New Zealand prides itself as the source of the world’s best dairy and agriculture products, whose ingredients is grown in its vast pasturelands.
Beyond its vast greenery, the country must worry about delivering the products on time and in their best quality. Numerous dairy and agriculture companies rely on IT infrastructure, which success is synonymous with the country’s trade reputation.
Security Worries Executives
A 2021 global survey by machine identity management provider Venafi revealed a widespread global concern. Supply Chain Security is not taken as seriously as it should be, making companies vulnerable.
97% of executives believed that software providers must improve the security of their software build and code signing processes for supply chains, while 96% of executives thought that software providers should be required to guarantee the integrity of the code in their software updates.
The SolarWinds Attack Changed the Game
From as early as September 2019, phishers hacked their way into SolarWinds network. In the next six months, they created a malicious code known as SUNBURST and injected it into the company’s Orion software. When the compromised software was unknowingly sent out, it was initially believed that 18,000 SolarWinds customers were compromised, including government clients. The company later announced the actual number of customers who were hacked through SUNBURST to be less than a hundred.
The breach was an awakening for industries and impressed the importance of bolstering cybersecurity.
Venafi Vice President of Security Strategy and Threat Intelligence Kevin Bocek emphasized the need for company-wide approaches in addressing supply chain security, which may entail structural change within an enterprise.
“Executives can’t treat this as just another technical problem – it’s an existential threat. C-level executives and boards need to demand that security and development teams for software vendors provide clear assurance about the security of their software,” he said.
On the Home Front
New Zealand is no stranger to supply chain attacks, and 2021 saw a worrying increase.
In response to heightened threats, the National Cyber Security Centre released the “Supply Chain Cyber Security: In Safe Hands” report.
The report highlights the are three key steps businesses, and personnel should take to boost supply chain security:
Identify: List critical suppliers and valuable assets that deserve high-level protection.
Assess: Dig for vulnerabilities in supply chain infrastructure and allocate resources to up the cyber security resilience of critical areas.
Manage: Manage supply chain risk through a monitoring, cyber security performance assessment, and integration of supply chain risk into organisational risk management frameworks.