Business continuity planning is an important but often overlooked aspect of managing enterprise risk. This year, the COVID-19 pandemic has made it clear to risk and security professionals—and their enterprises—that business continuity must be an organizational focal point, with supply chain continuity being an especially critical area to solidify.
Many enterprises today outsource a variety of business- and technology-related processes, making successful and reliable supply chains essential for their survival. Eight in 10 (79%) of companies with high-performing supply chains achieve revenue growth above average within their industries. But maintaining that reliability in a fast-moving era of digital disruption requires a concerted commitment to assessing threats and managing gaps in continuity plans.
While supply chain problems encountered during the COVID-19 pandemic are top of mind for many organizations, other major events in the not-too-distant past (from natural disasters to terrorist attacks and cyberattacks) have underscored the need for resilient supply chains. In fact, cybersecurity incidents increasingly are among the common causes of supply chain disruption. A study from Resilience360 finds that there were around 300 cybersecurity incidents that impacted supply chain entities last year, with many of those attacks coming in the form of ransomware.
Assess your supply chain partners’ security
Unfortunately, attacks on supply chains is a trend that is likely to escalate in the months and years to come. Earlier this year, even before the COVID-19 pandemic took center stage, the US Federal Bureau of Investigation issued a security alert to companies in the private sector regarding a hacking campaign targeting supply chain software providers. The bottom line: inadequate security and incident management procedures within supply chain ecosystems can result in major interruptions to an enterprise’s business operations. Therefore, enterprises need to vet the security capabilities of their supply chain partners on an ongoing basis. This holds particularly true in the aftermath of the current pandemic and resulting economic fallout, as some suppliers might no longer be in the economic position to implement the security safeguards that they previously had in place.