HOW CAN COMPANIES BEST MITIGATE THEIR SUPPLY CHAIN RISK?
As organisations contend with a growing number of
data security regulations, it’s important that they have
procedures in place to mitigate the supply chain risk. Tim
Bandos, VP of Cybersecurity, Digital Guardian, offers advice
on how this can best be achieved.
Companies across the globe, including in the
Middle East, today face the challenge
of balancing strict data privacy rules,
such as PCI-DSS and GDPR, with the
growing need to leverage customer
data. With yet more regulations
looming on the horizon, companies are
under pressure to keep up with the
latest legislation, guidelines and best
practices to maintain compliance.
With supply chains becoming more
complex, the consequential risk
exposure for businesses is growing. And
while the rise of third-party outsourcing
has enabled corporations to innovate
and boost efficiencies, with regulatory
scrutiny tightening – and financial
penalties in the face of compliance
violations growing – taking steps to
minimise risk, protect the smooth-running
of operations and assure
customer confidence, is a vital yet tricky
path to navigate.
In addition to these pressing demands,
finding better ways to mitigate supply
chain risk is a further top priority.
Everything from applying rigorous
cybersecurity technologies, processes
and supply chain management
strategies, to implementing a framework
to assess and monitor supplier integrity.
Know who you’re doing business with
Taking a holistic approach to data
security is a must – and there are a
number of steps organisations can take
to mitigate their supply chain risk.
Better due diligence on third-party
relationships will improve transparency
within the supply chain. But for many
corporations, conducting this due
diligence efficiently and effectively is a
challenge when dealing with thousands
of third parties and vendors.
Deploying efficient and automated
screening and using Machine Learning
algorithms to speed up this process
can reduce the cost and time frame
of conducting due diligence on
suppliers. Similarly, ongoing monitoring
programmes can automatically flag if a
supplier is connected to criminal activity
or Politically Exposed Persons (PEPs)
who pose a greater risk of corruption
and bribery.
Address IT and cyber-risks
A belt and braces approach should
incorporate a vulnerability assessment
and ongoing monitoring of the network
and all connected devices, alongside
the organisation’s websites, apps and
firewall configurations.
Having remediated any gaps in IT
security, the next step is to focus on
updating processes to prevent these
from reappearing, ensuring that the IT
Issue 14 | www.intelligentciso.com