• Latest
  • Trending
  • All
How the Cyber Grinch Stole Christmas: Managing Retailer Supply Chain Cyber Risk

How the Cyber Grinch Stole Christmas: Managing Retailer Supply Chain Cyber Risk

December 20, 2019
Last Mile Delivery Market Worth Observing Growth | UPS, FedEx, SF Express

Last Mile Delivery Market Worth Observing Growth | UPS, FedEx, SF Express

April 23, 2024
Top 5 Spend Analysis Software ranked in 2024

Top 5 Spend Analysis Software ranked in 2024

March 1, 2024
How Tesla And BMW Are Leading A Supply Chain Renaissance With Blockchain

How Tesla And BMW Are Leading A Supply Chain Renaissance With Blockchain

January 19, 2024
LATAM Cargo strengthens European cargo links

LATAM Cargo strengthens European cargo links

April 14, 2020
Ford making reusable hospital gowns from airbag materials as efforts against coronavirus expand

Ford making reusable hospital gowns from airbag materials as efforts against coronavirus expand

April 14, 2020
Don’t Sweat NBC’s Decision to Cut Back on Television Ad Inventory

Don’t Sweat NBC’s Decision to Cut Back on Television Ad Inventory

April 14, 2020
Software firms sharpen focus on AI, big data as IT spending drops

Software firms sharpen focus on AI, big data as IT spending drops

April 14, 2020
Navigating turbulent times in your supply chain (TL:DR version)

Navigating turbulent times in your supply chain (TL:DR version)

April 14, 2020
Last Mile Delivery by Drones Market is Booming Worldwide

Last Mile Delivery by Drones Market is Booming Worldwide

April 14, 2020
AIR CARGO MARKET SIZE, SHARE, DEMAND, TREND, LATEST INNOVATIONS & APPLICATION ANALYSIS AND INDUSTRY GROWTH FORECAST 2027 – Science In Me

AIR CARGO MARKET SIZE, SHARE, DEMAND, TREND, LATEST INNOVATIONS & APPLICATION ANALYSIS AND INDUSTRY GROWTH FORECAST 2027 – Science In Me

April 14, 2020
Wheat procurement in Patiala: 6,500 coupons issued to farmers – cities

Wheat procurement in Patiala: 6,500 coupons issued to farmers – cities

April 14, 2020
Pandemic, Plastics And The Continuing Quest For Sustainability

Pandemic, Plastics And The Continuing Quest For Sustainability

April 14, 2020
  • Supply Chain
  • Logistics
  • Warehousing
  • Procurement
  • Shipping
  • More
    • Strategic Sourcing
    • Spend Analysis
    • Inventory
    • Contact Us
No Result
View All Result
United States International Supply Chain Commission
United States International Supply Chain Commission
Home Supply Chain

How the Cyber Grinch Stole Christmas: Managing Retailer Supply Chain Cyber Risk

by usiscc
December 20, 2019
in Supply Chain
0
How the Cyber Grinch Stole Christmas: Managing Retailer Supply Chain Cyber Risk
494
SHARES
1.4k
VIEWS
Share on FacebookShare on Twitter

Cyber threats are always a prominent risk to businesses, especially those operating with high quantities of customer information in the retail space, with over 50% of global retailers were breached last year.  BitSight VP, Jake Olcott, has written guidance for retailers, on how to manage their supply-chain cyber risk to help prevent the ‘Cyber Grinch’ from not just stealing Christmas, but throughout the year, with four simple steps.

Cyber risk in retail is not a new concept. Retail is one of the most targeted industries when it comes to cyber-attacks. In fact, over 50% of global retailers were breached in the last year. Given the sensitive customer data these organizations often possess — like credit card information and personally identifiable information (PII) – it’s not surprising that attackers have been capitalizing on the industry for decades.


The Christmas shopping season can increase retailers’ cyber risk, with bad actors looking to take advantage of the massive surge of in-store and online shoppers that comes with it. What is important for retailers to keep in mind is that it’s not only their own network they have to worry about when it comes to mitigating cyber risk, but their entire supply chain ecosystem – from shipping distributors and production partners to point-of-sale technologies and beyond.

Take for example the infamous 2017 NotPetya attack that targeted large electric utilities, but actually ended up stalling operations for many retailers as a result. This nation-state attack had a snowball effect, wreaking havoc on shipping companies like FedEx and Maersk who are responsible for delivering many retail orders. FedEx operations were reduced to manual processes for pick-up, sort and delivery, and Maersk saw infections in part of its corporate network that paralyzed some systems in its container business and prevented retail customers from booking ships and receiving quotes.

For retailers, a cyber disruption in the supply chain can fundamentally disrupt operations, causing catastrophic harm to brand reputation, financial performance and regulatory repercussions – and the stakes are even higher during the make-or-break holiday sales period.

Here are some important steps they can take now to mitigate supply chain cyber risk this holiday season and beyond.

 

Step 1: Inventory your Supply Chain

A business today relies on an average of 89 vendors a week that have access to their network in order to perform various crucial business. As outsourcing and cloud adoption continue to rise across retail organizations, it is critical that they keep an up-to-date catalogue of every third party and service provider in the digital (or brick-and-mortar) supply chain and their network access points. These supply chain ecosystems can be massive, but previous examples have taught us that security issues impacting any individual organization can potentially disrupt the broader system.

An inventory of vendors and the systems they have access to allows security teams to keep track of all possible paths a cybercriminal may exploit and can help them better identify vulnerabilities and improve response time in the event of an incident.

Step 2: Take control of your Third-Party Accounts
Once you have a firm grasp of the supply chain, a critical focus should be to identify and manage any network accounts held by these organizations. While some suppliers may need access to complete their daily tasks, this shouldn’t mean handing them a full set of keys to the kingdom on their terms.

Retailers should ensure each vendor has an email account and credentials affiliated and managed by the retailer – not by the supplier organization and certainly not the user themselves. By taking this step, the retailer can ensure they are the first point of notification if and when an incident occurs and are in full control over the remediation process.


Step 3: Assess your Suppliers’ Security Posture

Retail security teams often conduct regular internal audits to evaluate their own security posture but fail to do so effectively when it comes to their supply chain relationships.


While a supplier’s security posture doesn’t necessarily indicate that their products and services contain security flaws, in the cyber world, where there’s smoke, there’s eventually fire. Poor security performance can be indicative of bad habits that could lead to increased vulnerability and risk exposure.

Having clear visibility into supplier security performance can help retailers quickly pinpoint security vulnerabilities and cyber incidents, while significantly speeding up communication and action to address the security concern at hand.

Step 4: Continuously Monitor for Changes
Third-party security performance assessment should not be treated as a one-and-done item on the supply chain management checklist.

The cyber threat landscape is volatile and ever-evolving, with new vulnerabilities and attack vectors cropping up virtually every day. That means retailers need solutions and strategies in place that provide a real-time, continuous and measurable pulse check of supplier security posture to ensure they are on top of potential threats before they impact the business and its customers.

Just as retailers track billions of packages and shipments in real-time to ensure there are no mistakes or bumps in the road, their vendor risk management program should be treated with the same due care.

This holiday season and beyond, it is critical that retailers invest in supply chain security management to reduce the risk of data breaches, slowdowns, and outages – and the costs and reputational damage that come along with them. After all, retailers are only as secure as their weakest third-party.

*** This is a Security Bloggers Network syndicated blog from IT Security Expert Blog authored by SecurityExpert. Read the original post at: http://feedproxy.google.com/~r/securityexpert/~3/6YjDgdMD-DQ/how-cyber-grinch-stole-christmas.html

Share198Tweet124
usiscc

usiscc

  • Trending
  • Comments
  • Latest
Escape From Tarkov – How to Rotate Items

Escape From Tarkov – How to Rotate Items

February 5, 2020
Supply chain examination: Planning for vulnerabilities you can’t control

Supply chain examination: Planning for vulnerabilities you can’t control

December 7, 2019
Procurement Project Manager job with Camden London Borough Council

Procurement Project Manager job with Camden London Borough Council

February 17, 2020
Art Battle Wichita Falls III at The Warehouse, 1401 Lamar.

Art Battle Wichita Falls III at The Warehouse, 1401 Lamar.

0
Global Industry Analysis, Size, Share, Growth, Trends, and Forecasts 2016–2024 – ZMR News Reports

Global Industry Analysis, Size, Share, Growth, Trends, and Forecasts 2016–2024 – ZMR News Reports

0
PHOTOS: Ottawa firefighters respond to warehouse fire

PHOTOS: Ottawa firefighters respond to warehouse fire

0
Last Mile Delivery Market Worth Observing Growth | UPS, FedEx, SF Express

Last Mile Delivery Market Worth Observing Growth | UPS, FedEx, SF Express

April 23, 2024
Top 5 Spend Analysis Software ranked in 2024

Top 5 Spend Analysis Software ranked in 2024

March 1, 2024
How Tesla And BMW Are Leading A Supply Chain Renaissance With Blockchain

How Tesla And BMW Are Leading A Supply Chain Renaissance With Blockchain

January 19, 2024
  • Privacy Policy
  • Terms of Use
  • Disclaimer
  • DMCA
  • Contact Us

Copyright © 2024 United States International Supply Chain Commission (usiscc.org)

This website uses cookies to improve your experience. We'll assume you're ok with this, but you can opt-out if you wish. Cookie settingsACCEPT
Privacy & Cookies Policy

Privacy Overview

This website uses cookies to improve your experience while you navigate through the website. Out of these cookies, the cookies that are categorized as necessary are stored on your browser as they are essential for the working of basic functionalities of the website. We also use third-party cookies that help us analyze and understand how you use this website. These cookies will be stored in your browser only with your consent. You also have the option to opt-out of these cookies. But opting out of some of these cookies may have an effect on your browsing experience.
Necessary
Always Enabled

Necessary cookies are absolutely essential for the website to function properly. This category only includes cookies that ensures basic functionalities and security features of the website. These cookies do not store any personal information.

Non-necessary

Any cookies that may not be particularly necessary for the website to function and is used specifically to collect user personal data via analytics, ads, other embedded contents are termed as non-necessary cookies. It is mandatory to procure user consent prior to running these cookies on your website.

SAVE & ACCEPT
No Result
View All Result
  • Supply Chain
  • Logistics
  • Warehousing
  • Procurement
  • Shipping
  • More
    • Strategic Sourcing
    • Spend Analysis
    • Inventory
    • Contact Us

Copyright © 2024 United States International Supply Chain Commission (usiscc.org)