Cyber Risks Threaten Supply Chain Risk Management
By: Rodd Zolkos (Business Insurance) December 2013
Businesses’ growing concerns over supply chain exposures and cyber risks have begun to converge in a recognition of the potentially serious risks of cyber attacks along their supply chains.
The exposures can result in supply chain disruptions, theft of customer data or proprietary company information or, in some industries, the introduction of components tainted with malware.
“Cyber risks are a major threat to supply chains today,” said Stephen DeAngelis, president and CEO of Enterra Solutions L.L.C. in Newtown, Pa., a cognitive computing and analytics firm that works with big data to help clients better understand systems such as supply chains and the related risks.
“Oftentimes a bad actor will use a supply chain as a means of entry into the broader company,” Mr. DeAngelis said. Cyber attackers may find they can reach the target company through some of its lower tier suppliers, he said.
“What a bad actor is going to do is look for the weakest link in the chain,” he said.
A particularly damaging event might be an attack through a vendor that supplies companies across a variety of industries, Mr. DeAngelis said, such as a maker of wire that supplies auto manufacturers, consumer electronics companies and high-tech firms. “If that particular vendor is corrupted unknowingly by an organized bad guy they can use that vendor to penetrate a range of companies,” he said.
