A recent study has provided some worrying results in regards to supply chain security. The study, which was conducted by the worldwide IT operations solutions provider, Tripwire, revealed that almost 50 per cent of respondents were not confident in the IT security of suppliers and business partners in their supply chain. This is a startling revelation, showing that many businesses are underestimating the impact this could have on them. By aligning with other companies despite security concerns, it indicates that a lot of business owners do not see this is a major cause for concern. Of course, this could not be further from the truth, and the underestimation of lax security from suppliers and business partners could have worrying consequences.
IT professionals should be involved in protecting the chain
The study involved more than 320 professionals in the IT industry that have the necessary visibility into their organisation’s supply chain security. It was carried out in December of last year, and it evaluated the different challenges brought to cyber security by business partners. Although IT professionals aren’t confident in the ability of their third party companies to protect their customers’ sensitive data, 81 per cent of respondents were confident in their own ability to do so.
Third party data breaches
There were numerous other results concluded from the survey. The vast majority of those interviewed acknowledge that a security breach to their partner or supplier would expose important data. However, the worrying fact is that 61 per cent of those said they had bigger concerns or that they weren’t concerned about this. When you consider that a data breach can cost thousands and thousands of pounds and result in severe reputational damage, it is surprising that so many businesses fail to acknowledge this. Nevertheless, a third party data breach impacts your reputation, and building up customer trust after something like this has happened can be extremely difficult. Not to mention the financial expenses you will suffer as a result as well.
Pre contract checks aren’t being completed as standard
The study also concluded that only 44 per cent of those interviewed make their suppliers and partners pass a security audit before they agree to sign a contract with them. Even more worryingly is that a large chunk of business owners, i.e. 34 per cent, use suppliers and partners that have not met their security standards. Thus, they are knowingly taking a massive risk, further highlighting that the impact of supply chain security is being underestimated.
Half of those interviewed said that they offer different standards for various partners and that they are open to making exceptions, while 25 per cent of IT professionals admit that they do not even examine the security standards of their suppliers, and thus they have no idea whether they meet their requirements. All things considered, it is surprising to see that so many business owners and IT professionals are still underestimating the impact of third party data breaches, especially when they are happening more regularly. In fact, a Deloitte survey concluded that 87 per cent of organisations have experienced a breach involving third parties.
AEO and Security Requirements
Of course, when it comes to providing a robust supply chain, security has to be taken into account and nowhere is this more important then within the AEO framework. As part of AEO certification, there must be proof that your organisation is taking steps to provide a secure supply chain, and not just when it comes to the movement of cargo itself. To find out more about AEO’s security requirements, or to find out more about how AEO could help your business, why not contact Synergos on 01484 817 444 or email email@example.com.