Events last year demonstrated the precariousness and importance of businesses and their cyber security. The WannaCry ransomware literally held operations such as FedEx at ransom, affecting hundreds of thousands of computers. The malware made its way into networks through a loophole in Windows OS, as the operating system was not updated with a patch released by Microsoft. More recent attacks posing a threat to cyber security come in the form of Distributed Denial of Service (DDoS) attacks and memcached attacks.
In the digital age, when businesses depend on the internet for practically all aspects of their operations, it has become imperative for decision makers to have processes in place to update software and enjoy optimal cyber security. At the same time, internal threats – both intentional and unintentional – are also something businesses should be prepared for by ensuring employee education and awareness.
Importance of cyber security for procurement
When it comes to procurement professionals, cyber security is of utmost importance. These individuals deal with commercially sensitive data due to their responsibilities in the realms of purchasing, invoicing, tendering and even outsourcing.
While many companies focus more on sourcing savings, they forget that a cyber attack can wreak havoc on their invoicing and purchase order systems. As a result, hackers will end up controlling spending and sourcing, thereby disrupting business operations. If your business experiences a cyber attack, you will likely have to spend money to recover. In addition, your customers, suppliers and stakeholders will lose faith in you.
Information at risk
The procurement department tends to store a lot of information about different stakeholders and the business, including:
Credit card and bank details
Company related information
The supply chain link
It is not just procurement professionals who need to be careful. It has been observed that cyber criminals are finding ways to breach businesses by accessing weak links in the supply chain. Hence, sourcing professionals should make it a point to assess every supplier for cyber risk based on the importance of the supplier and the information that the supplier can access and alter on the company’s system.
As a responsible sourcing professional, it is imperative that you assess and evaluate cyber risks in your department and find ways to prevent serious issues from materialising.
Ed founded Odesma in 2014 with the explicit intent of creating a new kind of procurement consultancy founded entirely on cloud principles. Deploying best-of-breed subject matter experts alongside the best on demand technology to deliver rapid and effective change for customers.