The average cost of a data breach is nearly $4 million, so companies need to protect their supply chains with security built on layered defenses.
A recent report showed us that the 2020 threat landscape was largely shaped by the pandemic. As businesses raced to move to cloud environments to keep the lights on, security was largely an afterthought, but for attackers it was top of mind.
As the pandemic unfolded, attack trends shifted with it. Brands we relied on during social distancing and remote work were attackers’ favorite disguise. Relief efforts and public health information were used as spam lures, and critical components of the vaccine supply chain were targeted. Many of us in supply chain remember the major data breaches that large retailers like Target and Home Depot suffered a few years ago as a result of third-party relationships. Almost seven years later, supply chain security breaches are still making headlines, with the pandemic and, most notably, the SolarWinds breach that reverberated across the industry last year.
The most recent analysis estimates the average cost of a data breach at $3.86 million, with mega breaches (50 million records or more stolen) reaching $392 million. Given the surge in supply chain attacks in 2020, we can only imagine the impact when the analysis is updated.
So we must learn from 2020 to make sure history doesn’t repeat itself.
Top 5 Supply Chain Security Concerns
Supply chain leaders around the globe and across industries tell us these five supply chain security concerns keep them awake at night:
1. Data protection. Data is at the heart of business transactions and must be secured and controlled at rest and in motion to prevent breach and tampering. Secure data exchange also involves trusting the other source, be it a third party or an e-commerce website. Having assurances that the party you are interacting with is who they say they are is vital.
2. Data locality. Critical data exists at all tiers of the supply chain, and must be located, classified and protected no matter where it is. In highly regulated industries such as financial services and healthcare, data must be acquired, stored, managed, used and exchanged in compliance with industry standards and government mandates that vary based on the regions in which they operate.
3. Data visibility and governance. Multi-enterprise business networks not only facilitate the exchange of data between businesses, but also allow multiple enterprises access to data so they can view, share and collaborate. Participating enterprises demand control over the data and the ability to decide who to share it with and what each permissioned party can see.
By: Jonathan Wright