Here’s part two of our three-part series on supply chain cybersecurity. Be sure to check out part one on positioning your organization appropriately to deal with this challenge. And next week we’ll explore the particularly complex Maritime industry.
Companies in Atlantic Canada often have a hidden history and sense of pride in the work that they do. Some of the organizations here pre-date Confederation not by years, but by decades. We have academic institutions that reach back into the 18th century. At the same time, some of these communities steeped in maritime tradition are providing components and services to some of the most advanced projects on the planet. While we can control what we do in our own organizations, we face a significant challenge. In its need to be both competitive and risk-aware, the world has forgone the idea that a handshake from a supplier is sufficient evidence of trustworthiness. Suppliers now need to be able to prove their credibility.
We know there are significant changes coming in the world of supply chain . Two of Canada’s major trading partners are increasing their demands for assurance. Our closest trading partner has even structured its demands in such a way that if they are not met, companies can be removed from a whole range of existing supply arrangements. While some companies may weather this storm, those operating in niche or highly specialized markets could face very significant challenges if that market were to evaporate.
The first step in dealing with this challenge is understanding it. The second is bracing yourself and your organization to deal with it. The third is taking that leviathan of a problem, chopping it down to size, and dealing with the manageable parts in a focused, deliberate, and structured way. This is, after all, what businesses do—at least the successful ones. The good news is that those that could potentially pose us the greatest challenges in this regard have also laid out the first few steps of the solution.
We have researched and refined approaches that can leverage much of the existing security-related activities in organizations. This approach not only gives you the traceability to make the claim that issues have been sorted out but can ensure that supply chain risk management is seamlessly integrated into your overall risk management activities. In short, the task is far from insurmountable.
This is more than a simple exercise in parroting the National Institute of Standards and Technology (NIST) guidance in corporate policies. It is more than following standards like some form of a very long checklist. Ultimately, your solutions need to meet not just the needs of your client, but also the needs of your organization. We understand that every business has its own unique combination of structure, history, and culture. All of these factors feed the solution that turns this hindrance from a seemingly overwhelming challenge into one that can open doors to new opportunities.
Mariner Security Solutions Team