One field-tested security strategy for information systems and digital content is to address the problem through processes, people and technology. On the process front, all companies involved in the production of digital IP should, by now, be adhering to a proven information security framework that fully addresses supply chain risks. That includes making sure your digital IP is protected at all times, even during post-production (or maybe we should say especially during post-production, given recent incidents).
Fortunately, there is a ready-made cybersecurity framework that companies can use, at no charge, thanks to the US federal government, which has done some sterling work in this area, namely the NIST Cybersecurity Framework.
The current version is a great way to get a handle on your organization’s cybersecurity, and the next version, currently in draft, goes even deeper into the need to maintain cybersecurity throughout the supply chain. For that reason, the draft is worth quoting at length:
“The practice of communicating and verifying cybersecurity requirements among stakeholders is one aspect of cyber supply chain risk management (SCRM). A primary objective of cyber SCRM is to identify, assess and mitigate “products and services that may contain potentially malicious functionality, are counterfeit, or are vulnerable due to poor manufacturing and development practices within the cyber supply chain.”
The World Economic Forum defines global risk as an uncertain event that, if it occurs, can cause significant negative impact for several countries or industries within the next 10 years.
Global supply chains create both opportunity and risk. Some of the macro issues we face both in day-to-day operations and future planning include cybersecurity, terrorism, climate change, economic instability, and political discord.
More specific to executives who manage global supply chains, risk is more apparent, and on a micro-basis potentially more consequential in the short term, in areas such as but not limited to reducing spend, leveraging sourcing options, creating sustainability, political and currency instability, government regulations in the U.S. and abroad, trade compliance management, free trade agreements, energy costs, and what the incoming Trump administration will mean for global trade.
Since the recession in 2008-2009, we have witnessed a serious uptick in companies worldwide reviewing their operational exposure and then creating risk strategies in managing these vulnerabilities. Risk exposure can negatively impact margin, profits, growth strategies, operational stability and personnel maintenance.
For companies operating in global supply chains the risks are vast, convoluted and often unanticipated. As a result, we tend to be unprepared for the impacts.