Do you know exactly what your business is spending money on? It might seem like a strange question, but according to an AmeriQuest Business Services survey*, an alarming amount of companies cannot answer it.
They have no purchasing strategy in place, or if they do, they don’t have a strict policy that ensures personnel are sticking to it. This leads to what Reggie Peterson, Director of Indirect Supply Programs at AmeriQuest, calls ‘dark purchasing’, where there is no real accountability for what employees are buying, which can put corporations at risk of supply chain hacking, as vendors are not going through an approval process.
Although linked to dark purchasing, hacking is a serious issue also caused by other weak points in the supply chain. Data breaches can be a major problem for corporations, as retail giant Target found out back in 2014 when details of over 70 million customers were hacked.
And how did the hackers get access to this data? Via the supply chain, as Peterson explains: “The hackers got through from a small third-party vendor, an HVAC service – that is how they gained access to Target’s network.” It is thought that the vast majority of data breaches originate from the supply chain as hackers look for the weakest link. When you consider that large companies could have thousands of different suppliers of products and services, it is easy to see that just one of these not following the correct supply chain security processes could open up the entire company to a hack.
A lot of the information going across the supply chain is digital – and increasingly stored in the cloud, which may mean it is more vulnerable to cyber attack than it has been previously. Peterson says: “There is an opportunity at any given time that hackers can breach any of those supplier connections and gather very sensitive information to gain a competitive advantage. And there is also the problem of hacking just for the sake of sport.”
So what can businesses do to avoid this happening? Although cyber attacks are evolving every day making them virtually impossible to completely eliminate, there are things you can do to reduce the chance of your company falling victim to hackers. Here is Peterson’s advice on four simple ways to make it harder for hackers to infiltrate your supply chain.
*AmeriQuest Business Services surveyed 2,000 people directly involved in procurement and found:
Follow @SupplyChainD on Twitter.