Supply chain threats in 2019 and beyond
Introduction
Businesses do not act alone when providing services or products to their customers. They often have manufacturers, suppliers and distributors included in their network. The steps used from origin to delivery of the product or service, and the activities, entities and resources included in the process are all a part of the supply chain.
The supply chain is an important part of potentially reducing business costs and reducing response and delivery times to customers. This means supply chain management is a vital part of a business’s success.
This also means weaknesses in the supply chain are attractive to criminals. According to Symantec, 2018 saw supply chain attacks almost doubled, with an increase of over 78%. With such a dramatic increase in attacks, supply chain management may be one of the most important security items on a company’s agenda.
Supply chain attacks can take on many forms. Criminals have used a variety of methods to exploit this weakness. This means physical assets (hardware), virtual assets (software and cloud related architecture), credentials and vendor accounts are all at risk to compromise. According to experts and researchers, there are seven supply chain security concerns to monitor and address:
- Theft
- Counterfeit goods and smuggling
- Cloud access mismanagement
- Piracy
- Tampering of physical devices
- Third-party vendors
- IoT compromise
Let’s take a look at each.
Theft
In 2018, inventory theft, or what it is commonly referred to as “inventory shrink,” cost U.S.-based retail businesses almost 50 billion in losses over 2018. This is normally the result of thieves, often employees, stealing untracked inventory and reselling outside of the intended marketplace.
Inventory loss is expected for retail stores, but high losses can cause a company to close. Criminal theft rings can be complicated and often include employees that work for the company. (Read more...)
*** This is a Security Bloggers Network syndicated blog from Infosec Resources authored by Tyra Appleby. Read the original post at: http://feedproxy.google.com/~r/infosecResources/~3/okgYsgfy8-0/
