In an age when cyber attacks are rising but cybersecurity experts are in short supply, professionals in procurement jobs and supply chain jobs must take steps to maximise their organisation’s security.

A new US study has shown that most organisations clearly recognise the need for cybersecurity professionals but still struggle to source candidates with both work experience and the relevant skill sets from the available labour market. Spend analytics expert Brian Seipel has suggested a series of high-level steps that staff occupying supply chain jobs should take to compensate for the absence of suitably qualified cybersecurity experts.

The guidance is particularly relevant as supply chains, even those of smaller enterprises, become increasingly globalised thanks to emerging new communications and data management technology. However, the regulatory landscape and the Standard Operating Procedures of each organisation too often lag behind these tech advances. Ironically, this means that as the use of tech increases, so too does the risk of cyber security threats, which could be catastrophic for the supply chain.

The four steps Seipel proposes can be taken immediately, as they don’t depend on input from cybersecurity experts. They are as follows:

  • Be clear about your organisation’s existing security policies in relation to the supply chain, including any third-party suppliers within it.
  • Remember that cybersecurity isn’t confined exclusively to technology but is also very much a human resource issue. Everyone with a supply chain job and procurement job needs to be aware of the kinds of cyber attacks that could damage the organisation. Even the most advanced tech security will fail if a team member clicks “on the wrong link in the wrong phishing email.”
  • Ensure that key suppliers confirm that they’re aware of these policies and have policies of their own that they’re implementing. After all, chains are only ever as strong as their weakest link: a supplier’s vulnerability can rapidly become yours.
  • Conduct regular information exchanges with all suppliers to ensure that both sides are fully compliant and aware of potential cyber security risks.

Find your next procurement or supply chain interim job here