Monday, 8 June 2015

The First Step In Cyber Security: Collaboration With IT

With all that’s at stake in supply chain management, including contracts, pricing, even shared intellectual property, cyber security is a major risk for corporations.

Recently, I was at a street art fair and saw a painting I really liked. The price was right, so I decided to buy it. I reached for my credit card and then suddenly stopped. Past headlines about data breaches at retail establishments and banks flashed through my mind. I put the credit card away and paid for the picture with cash. A sign of paranoia? Maybe. That was on 4 June 2015. Later that evening, news outlets across the country were reporting on the massive hacking that very day of the computer network of the US government personnel office. Someone stole identifying information of some 4 million federal government employees. It seemed that a little paranoia isn’t a bad thing after all.

Cyber crime is big and growing. A recent study reports that the cost of data breaches has grown 23% since 2013. The study asserts that the average consolidated total cost of a data breach today is $3.8m. CPOs should take notice. With all that’s at stake in supply chain management, including contracts, pricing, even shared intellectual property, cyber security is a major risk for corporations. Mitigating that risk, as one procurement executive told me recently, should be a major responsibility for procurement.

The first step should be tighter collaboration with IT. That’s the function with the technical knowledge of how hackers can get into data systems, and it’s the function that should know the best technical defences. IT staff knows how to think like the hackers think. But procurement is the function that can best manage the IT vendors who claim to have the software to prevent data breaches.

It’s a similar arrangement that procurement has with engineering teams, marketing teams, and other specialized categories–with procurement using its supply chain knowledge and SRM skills to help other functions maximize their value. Working together, IT and procurement ought to be able to erect a shield around corporate data to protect it from invasion.

Simultaneously, procurement should be pressuring suppliers to protect their data as well, and insist that they prove that they are protecting it. Reviews of suppliers’ efforts in that regard should be part of every audit. In fact, perhaps as another aspect of collaboration, IT could help judge the technical merits of steps suppliers take.

The Procurement Leaders 2015 Trend Report revealed that nearly 71% of CPOs responding would be increasing the time they spend on risk management this year. CPOs also said they will be increasing their investment in risk management. Cyber security should claim a sizable share of that investment.



from Procurement Leaders Blog http://ift.tt/1F41ES0
This content was assembled for you by the YQ Matrix platform

The views expressed in this post and throughout the series are the autor's own and not intended to reflect the views the YQ Matrix platform, its users or any associated organisations.

For the procurement people among you, have a look at the latest YQ Matrix raw material and semi-finished prices. For: Prices on other websites.

No comments:

Post a Comment