Technology and Supply Base Management
I have been involved in advocating the use of technology to
enable greater efficiency and effectiveness from supply bases for many years now. This has evolved from the early days of reverse auctions back in the nineties to a world in 2018 where data analytics, eRFx, P2P and even AI technologies have truly revolutionised the way we manage the supply base and seek and deliver opportunities and value to our customers.
However, like all things positive, technology brings with it the negative. I am of course talking about cyber-crime. Whilst technology has changed our daily lives both personally and professionally it has also opened up whole new areas of risk for us to worry about. At home these risks might be about how safe our family is on-line, or how safe our money is on-line or has that unfortunate holiday picture of me in my speedos been posted on Facebook!
At work, however, it presents itself in a whole set of new ways. If risk management strategies were complex before Mr Berners-Lee invented the World Wide Web, they have definitely increased exponentially since his wonderful idea began to dominate our personal and professional lives.
80% of all cyber threats come from the Supply Chain
With this new challenge emerging faster than most of us can log or remember our mothers’ maiden name, as Procurement and Supply Chain professionals we need to take our role as custodian of external supplier relationships a step further. We need to think of ourselves as guardians of our company’s reputation, products, intellectual property and data across the supply base like never before. We need to ensure we are monitoring the cyber-risk profile of our supply chains so that we can detect data breaches, detect illicit product and IP trafficking and be ready with corrective actions if we are alerted to these risks. Almost all of your suppliers will have some kind of digital connectivity with your company. They will transact with you via some kind of internet based technology. They will talk to you via email, they will invoice you directly via an enterprise system and they will get paid through an electronic transaction from your bank. All of these routes are open to infiltration by cyber criminals. So your supply base suddenly becomes an increased cyber-risk exposure for your company.
So what can be done about it?
One thing is for sure, risk, cyber or otherwise, is always present you can’t mitigate it entirely. You can however be more in control and start to get more pro-active. Deep Web monitoring tools such as DarkBeam (www.darkbeam.com) can detect what information from your company is being trafficked on the unchartered web and monitor that activity. Such technology can also see if information from your company is being leaked from any of you suppliers and produce a dashboard showing you where the leaks are occurring. This then gives you the ability to work with those suppliers to stop it. The tool can also be used in sourcing evaluation as you can see if certain suppliers are more susceptible to cyber security issues before you do business with them. If a potential supplier has just too much deep web traffic you might decide they are just too risky for you to use.
Technology such as this should not just be used to manage what you already managed but in a slightly different way, it should be used to help you fundamentally shift your view of risk management in light of new and very dangerous realities. It should be used to help you re-shape how you work with your internal stakeholders and your suppliers to produce a technology enabled, collaborative approach to a global threat.