The world’s total digital data volume is doubling in size every two years, prompting organizations to find new ways to secure their complex data. In their new NVTC member blog, LMI provides tactics for determining cybersecurity threats in your organization’s digital supply chain and securing critical data.
The world’s total digital data volume is doubling in size every two years, and by 2020 will contain nearly as many digital bits as there are stars in the universe. Most of this data is created and communicated over the Internet, whose “population grew by more than 750 percent in the past 15 years to over 3 billion. This population shares more than 2.5 million pieces of content on Facebook, tweets more than 300,000 times, and sends more than 204 million text messages—every minute.”
With the advent of the Internet of Things and other innovative technology platforms, organizations must continuously analyze and secure their complex data. For supply chain operations, digitalization has enabled leaders to access data faster and build stronger connections within a given supply chain. While there are clear benefits of the digital supply chain, there are challenges that need to be overcome in order to realize its full potential.
According to Ernst & Young, complex data presents numerous challenges to supply chains:
- The volume of data is skyrocketing as diverse data sources, processes and systems show unprecedented growth. Companies are trying to capture and store everything, without first establishing the data’s business utility.
- The fact is, technology is enabling this proliferating data complexity—continuing to ignore the need for an enterprise data strategy and information management approach will not only increase “time to insight,” but it may actually lead to incorrect insights.
Perhaps, none of these challenges is as critical as an organization’s ability to successfully secure its supply chain data given the IT security risks posed by the Internet. In fact, 30 percent of supply chain professionals are “very concerned” about a data breach.” The concerns of these professionals are well-founded. The number of cybersecurity breaches is growing by 64 percent every year with 60 percent of cyber breaches linked to insiders—current and former employees, contractors, service providers, suppliers and business partners.
Unfortunately, many organizations are unaware of the security vulnerabilities within their supply chain or how to determine those vulnerabilities. To help organizations determine their vulnerabilities, start by answering the following three questions:
1. How will the product be used and managed in the system? While any system breach is bad, the compromise of a system managing classified data is a much worse than a system that is managing publically available data. Understanding the use of the Information and Communication Technology (ICT) equipment will help determine the resources appropriate to secure the system. In reviewing the product use, consider what other systems are connected to the focus system. A less secure system can serve as a pathway to attack a more highly secured connected system. This was the method used to steal credit card numbers from Target in 2013.
2. How is the system connected to the rest of the world? A system that is connected to the public Internet will need more reliable security, since it would be easy to find and attack. On the other hand, a system that is isolated from any other network would have a much lower risk of attack or data breach, since the attacker would need to be in physical proximity of the system.
3. Who are the system users? Are the users internal employees who are trained on security procedures or is the system accessed by a public user base which may not consider risky security behaviors? Simple security procedures, such as keeping passwords secret and maintaining current anti-virus software, cannot be counted on if you do not directly control users’ environments.
By answering these questions, organizations could quickly and effectively determine the security vulnerabilities within their digital supply chain. Organizations can also contact our cybersecurity experts who can help you monitor, prioritize, and effectively manage your risks to create an optimal level of security based on mission priorities and resource constraints.