For supply chains to work properly, information needs to be shared with the right part of the chain at the right time. As a result, organisations are focusing on securing the supply chain from cyber threats. However, there is little evidence that organisations have integrated information and cyber risk into supply chain management and practice.
In response, Dr Adrian Davis, from the Information Security Forum’s Global Team at PwC, and I are working on a project to investigate how companies identify and manage cyber and information risks in the global supply chain.
Cyber security is becoming increasingly important in today’s networked world. It affects every industry from healthcare to finance. Generally anybody who uses the internet is at risk of becoming a cyber victim. This research will highlight threats and challenges arising from cyber security and will describe how companies can identify security risks and develop a proactive and resilient approach to manage them.
Few companies have yet formalised a supply chain risk management strategy, even less are aware of how to respond to the high-impact, low-probability risks such as cyber attacks, terrorism and natural disasters. They need to build new levels of collaboration among security, IT and supply chain managers.
The insights gained from this research will allow companies to:
- Develop a resilient approach to cyber supply chain risk management.
- Benchmark their strategy with examples of best practice case studies.
- Facilitate decision making with a cyber supply chain risk management framework.
- Identify examples of best practice in the supply chain
☛ Dr Omera Khan is senior lecturer in logistics and supply chain management at the Logistics Institute of Hull University Business School