September’s Airbus cyber-attacks demonstrated that there has never been a better time for companies to pay attention to their supply chain security.
Airbus was forced to act in the wake of a hacking operation that was directed at many of its suppliers and resulted in unauthorised access to key Airbus supply chain data. Rolls Royce and French tech supplier Expleo were among the most prominent Airbus suppliers to be targeted in an attempted hack into the aircraft manufacturer’s entire network. In a recent article in Infosecurity Magazine, Simon Wood, CEO of Ubisecure considers the challenge and offers a possible solution.
As he explains: “these instances are now pervasive across numerous other industries, as businesses are under increasing pressure to digitally transform to remain competitive. Third party solutions for components and systems are increasingly being used to support the transformation, and these have opened up wider networks for interaction with a company’s data pools.
“Hackers have exploited this new level of commercial interactivity and exposure through third party involvement, developing new approaches to infiltrate business operations and intellectual property. It has the potential to be a weak link and has become a preferred method of penetrating a company’s security infrastructure. In fact, third party data breaches rose by 50% last year alone.
“So it has become vital for companies to establish and deliver robust due diligence around their supplier relationships, and the related parties who could potentially access their systems as a result of those relationships.”
He goes on to explain how a more robust digital approach is needed and suggests that “digitising delegation” may offer an answer.
More efficient than the traditional, face-to-face approach, electronic delegation is scalable, it is faster and it is much more secure. It is also efficient and cost-effective. Despite this, it has not been widely adopted.
The article looks at examples of digital delegation and outlines the advantages of this approach. Summing up, Wood suggests that “the cost, productivity and scalability benefits will create a strong desire to adopt the solutions amongst organisations – but it’s the security considerations that will create the need.”
A version of this article originally appeared in Infosecurity Magazine.