Advertisement

Blog

Is Your Supply Chain Information Safe?

Every once in a while supply chain experts rattle off a list of things that concern them about how well the supply chain works or doesn't work. One of the items often topping the list is the integrity of information moving up and down the supply chain.

Gartner, in fact, recently said global IT leaders will identify IT supply chain integrity as a top-three security-related concern by 2017. Specifically, Gartner predicts that enterprise IT supply chains “will be targeted and compromised, forcing changes in the structure of the IT marketplace and how IT will be managed moving forward.”

The firm defines supply chain integrity as:

    The process of managing an organization's internal capabilities, as well as its partners and suppliers, to ensure all elements of an integrated solution are of high assurance. The need for integrity in the IT supply chain is necessary, whether the solution is developed in-house or purchased from a third party.

I'm not sure if supply chain integrity is less of a concern now, compared to a few years ago, or why the concern will markedly increase five years from now. For as long as I can remember, the threat to trustworthy data-sharing practices has always been there, and people long have mentioned the importance of being able to safeguard internal capabilities, and receive and send sound data among suppliers, customers, and other trading partners.

Gartner, however, points out that as the IT supply chain has become even more complex and global the possibility for volatility and compromised data has also increased. Complicating matters is the fact that hardware vendors are more frequently outsourcing, not only manufacturing, but design work to contractors in Asia and India; and more established Asian suppliers are beginning to outsource work to emerging economies, such as Brazil, Vietnam, and Indonesia. According to research vice president Ray Valdes:

    IT supply chain integrity issues are expanding from hardware into software and information. They are growing more complex as IT systems are assembled from a large number of geographically diverse providers, and, now of mainstream concern to enterprise IT.

    These issues are not just about defense and intelligence. This has significant implications for businesses, governments and individuals moving forward in a world where the integrity of the IT supply chain is no longer completely trustable, and where all layers of the IT stack will be targeted for supply chain compromise.

Considering the expanding range of platforms used in today's information- and software-based economy, Gartner suggests that activities around IT supply chain integrity must extend to:

  • Software supply chains, which include components, frameworks, middleware, language platforms, virtual machines, operating systems and software infrastructure
  • Information supply chains, which could include integrated information from partners, suppliers and cloud-based services, such as data from Google Maps, Twitter, Facebook and Amazon

Given the vast number of ways by which companies relay supply chain information nowadays, Gartner may be on to something: Better to think of this issue now before a threat becomes a reality.

9 comments on “Is Your Supply Chain Information Safe?

  1. Barbara Jorgensen
    November 14, 2012

    Hey Jenn: As I indicated in the EBN newsletter, I first thought this was a report on hacking. Clearly, it's not, and that worries me more. OK, I get that forecasts (and other data) are imperfect, and that every layer data passes through may distort the data even more. But is seeking out more data really the answer? Are OEMs so removed from their customers that they're turning to Facebook and Twitter? If that's the case, then the supply chain as we know it (a confidential two-way information sharing system) has been a complete waste of time. The supply chain should work on the data it already gets before moving farther up, or down, the demand chain.

  2. Greg Riemer
    November 14, 2012

    Very interesting post. I assume Gartner's reason behind the 2017 number comes from their assumption that social platforms will be expanded into the supply chain and the ability to communicate and share data will become easier which in turn will create security threats. The question might become “does the ability to communicate and share data outweigh the concerns around IT supply chain integrity?” As Adrian Gonzalez pointed out in a recent blog http://logisticsviewpoints.com/2012/07/25/searching-for-metrics-quantifying-the-value-of-social-media-in-supply-chain-management/ “When it comes to using social media in supply chain management, we're still in the “early observer” stage.” Until more companies adopt social media it might be difficult to tell if the risk will increase.

  3. Taimoor Zubar
    November 15, 2012

    Interesting post, Jennifer. I think as mobile devices become more common, many companies are trying to give access to their supply chain information systems through smartphone apps. This adds to another challenge in the area of supply chain integritty and security when it comes to information safety.

  4. Taimoor Zubar
    November 15, 2012

    @Greg: Do you really think social media will play or is playing an important role in supply chain? From what I've observed, since people try to link every other field with social media, the same happened with supply chain too. I don't see many productive ways in which social media is supporting electronic supply chain today.

  5. Greg Riemer
    November 15, 2012

    @ZTaimoorZ I think the adoption of leveraging social channels and application within the supply chain and specifically electronics is slower than other industries. However I still believe it is coming. Look at GE, http://sloanreview.mit.edu/feature/ges-colab-brings-good-things-to-the-company/ and what they are now doing. If they see success other companies will follow and it will become more widely used. When I think of social media in the supply chain I'm referring to the sharing of information through various channels, not posting on FB. Maybe in the end it's an application within those well-known channels or maybe it's a new channel.

  6. Barbara Jorgensen
    November 15, 2012

    @Greg: thanks for the link. great article.

  7. Taimoor Zubar
    November 15, 2012

    “When I think of social media in the supply chain I'm referring to the sharing of information through various channels, not posting on FB. Maybe in the end it's an application within those well-known channels or maybe it's a new channel.”

    @Greg: I'm still not sold on how social media is being used in the supply chain. If you have to share information, why not do it through mediums like Emails, SMS or even EDI. Why involve social media in it?

  8. Greg Riemer
    November 16, 2012

    It's all about how people receive information. 20 years ago would you have said why email, you can call or fax? Times change and the people working in the supply chain change as well. Younger generations prefer methods like social media or texting as a form of communication and the supply chain will need to adapt. I think Adrian does a really nice job highlighting what I'm talking about in this post http://logisticsviewpoints.com/2012/06/06/why-companies-arent-using-social-media-for-supply-chain-management/.

  9. Taimoor Zubar
    November 16, 2012

    “Times change and the people working in the supply chain change as well. Younger generations prefer methods like social media or texting as a form of communication and the supply chain will need to adapt.”

    @Greg: I agree times have changed and people have a strong liking towards social media. However, we're talking about companies here not people. Are companies ready to put their information on social media so the channel partners can access? Will they get anything out of it if they choose to do so?

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.