Traditionally, a business brings various aspects of a network together to ultimately end up with a final product—the supply chain. Some things you outsource; some things you do yourself. In today's world, this model does not adequately explain the challenges facing modern business supply chains. A supply chain strategy is more complex than ever and is increasingly more difficult to manage constantly.
Beyond knowing the final results, you should have a holistic understanding of what is really happening on the inside, with every one of your suppliers. From the partners that they work with to how they are protecting your products and data.
Consider these examples:
● After five years of not one reported issue in your payment process hardware, your team realizes that a hacker has been secretly siphoning off your customers' credit card information.
● The new fancy coffee maker sets your office on fire.
● The office security camera is hacked, exposing your proprietary information.
● Your company's stock price loses 17 percent of its value when a 15-year-old's Instagram post showing a dead cockroach in your restaurant's food goes viral.
All of these scenarios could be the direct results of deficiencies in your supply chain strategy.
Today, ever present technology and business complexity present supply chain challenges unknown just five years ago. Couple this with the potential cybersecurity attacks, and your supply chain now holds unforeseen dangers related to your business.
Things to Think About Within Your Supply Chain Strategy
Below are some tips from CEOs on how they ensure that their supply chain strategy (whether their own or a part of someone else's) is ready to compete in today's dynamic and sometimes dangerous business climate.
(Full disclosure: All three startups are in the Blu Venture Investors portfolio, of which I am a principal. I have personally invested in PFP Cybersecurity and HaaS Alert, and am on PFP Cybersecurity's board of directors.)
You should constantly check and update your supply chain. Not just the first few products that a supplier sends you. This is crucial to a winning supply chain strategy.
—Jim Harris, vice president of engineering, PFP Cybersecurity
1. Do it yourself first.
“At first, we totally built our product in-house" says Cory Hohs, CEO of HAAS Alert, a Chicago-based emergency vehicle detection company. “We were super naïve. We had no idea all that went into supply chains. One time, we tried to order five of a crucial part, only to find that another company bought 10,000,000 of the same part. We got back-logged for weeks because of that one misstep."
Now Hohs is glad that they tried to do everything manually first, even though today their entire supply chain is outsourced.
“Because now, when a supplier quotes me a price or tells me that it is going to take weeks, I can say, 'I did it for way less and know that's not true.'
"On top of that," he continues, "I really understand what goes on behind the scenes with each of my suppliers. I know the types of back-end systems they should be using. I know the cybersecurity implications and protections they should be utilizing. When I consider what each of my suppliers needs to do, beyond the production of my products, I am hyper aware of everything."
2. Make physically visiting every supplier a part of your supply chain strategy.
During HAAS Alert's early years, “we were getting terrible work from some part of our supply chain, and we could not figure out exactly what the problem was with our supply chain strategy," says Hohs.
“After weeks of digging, we finally decided to visit all of our suppliers," he says. "It became obvious which supplier was the problem. We quickly replaced them and the problem was solved."
3. Avoid keeping more data than you need and demand the same from your suppliers.
Every day it seems like there's a new article out about another hundred million customers having their information exposed due to a hack. This of course can be detrimental to a business that left their customers exposed, whether its reputational risk or actual legal action.
David Wallis, CEO of NewConnect, a Washington, D.C.-based telecommunications company has cornerstone advice he lives by to address this very problem.
“We don't keep any customer data that we don't absolutely need. We make sure we are not holding customer information, like credit cards, that would expose companies should we be hacked," Wallis says.
Even with maintaining limited sensitive customer data, Wallis says his company takes the utmost precautions and employ the latest cybersecurity solutions to have added protection from attempted hacks to its system.
This strategy can apply to your suppliers as well.
“When thinking about our suppliers we ask, 'Why do you have this data about us? Do you need that?' If they do have our data for a good reason, we make sure that our suppliers have the most sophisticated encryption and constant cyber teams monitoring activities," Wallis says. "We aren't holding unnecessary customer data that could leave our customers exposed, and we demand the same from every one of our suppliers."
4. And remember: Don't stop checking.
“Fifteen years ago, companies' biggest problems were quality and consistency. This meant, look out for bugs and make sure things don't break," says Steven Chen, CEO of PFP Cybersecurity, an IoT protection company based in Vienna, Virginia. “Now, companies also have to worry about major security issues within their supply chains."
Companies have to be alert if there is any kind of potential sabotage occurring in a supply chain, according to Chen.
For example, “we are hearing about nation-states putting hacks into technology that then goes into thousands of different products," he says. "Now, without you knowing, a hacker or nation-state has access to your product at all times."
Counterfeiting as part of global supply chains only enhances this problem, Chen continues. Some companies put instructions on their websites to help people identify if their seemingly brand name product is a fake.
“You should constantly check and update your supply chain. Not just the first few products that a supplier sends you. This is crucial to a winning supply chain strategy," says Jim Harris, vice president of engineering at PFP. “Companies like PFP are now helping companies do just that. We can detect anomalies in hardware to tell you if there is something hiding that could totally tank your business days, months or even years from now when it is exposed that a hacker has had access to your product or system."
As our businesses continue to be more connected, streamlined, and globalized,whether because of cloud technology improvements or new trade dynamics, it is increasingly more important that every company has a better handle on their supply chain strategy, especially on an on-going basis. You don't want to open up the news to the next “millions of accounts hacked" article, thinking “Oh wow, that's awful! Oh wait... that's my company."
Read more articles on cybersecurity.
Photo: Getty Images