10 must ask supply chain data security questions

addtoany linkedin

When it comes to cyber safety, your supply chain could be your biggest weakness. Approximately 80% of data breaches originate from within the supply chain, and the financial impact of a breach could do more than destroy your bottom line. It could ruin your credibility with your customers.

In 2013, Target, one of the largest retailers in the US, fell victim to a massive data breach when a cyber intruder stole credit and debit card information on more than 40 million customers and personal details like addresses, phone numbers and email addresses of 70 million customers. It cost Target more than $88 million in damages. Attacks like these have become the number one threat to many organizations and their associated supply chains, but protecting yourself isn’t enough.

Target’s breach was traced back to malware installed on its point-of-sale system. The attack came through one of its vendors, making it even more important that you have end-to-end visibility through all tiers of your suppliers – not just the top few. While cyberattacks aimed at stealing data remain the most visible risk, attacks designed to deny or disrupt service are also gaining in popularity. These types of cyberattacks jeopardize production and delivery schedules, causing delays and negatively affecting customers. Nodes along the entire supply chain can feel the impacts.

Whenever, wherever or whoever accesses your supply chain information, it’s vital to make sure your data is safe, secure and only accessible by those who should have access. Good data security in your supply starts with proactivity. Don’t wait for an attack to happen. Evaluate your supply chain by asking these simple questions:

  • ✓ Is data restricted to only those who need access to it?
  • ✓ Are corporate password policies secure enough? Are they being enforced?
  • ✓ Is sign in activity being monitored?
  • ✓ Does your staff receive regular security training?
  • ✓ Where does your hardware reside, and who has access?
  • ✓ How is physical access granted and revoked?
  • ✓ Are user actions tracked and audited?
  • ✓ Do you have a comprehensive incident response plan?
  • ✓ How is data backed up?
  • ✓ Do you routinely evaluate your security policies and procedures?

Compile you answers and use them as a jumping off point to get the conversation going about how your company handles data security. And if you’re looking for even more details about how you can protect your supply chain from cyberattacks, be sure to check out our eBook Your guide to supply chain data security. Download it now.


Peter Hillier
- February 10, 2022 at 6:21am
These 10 questions would apply to any aspect of the security paradigm. Given you folks cover supply chain, how are you addressing the security function outlined in supply chain security standards and guideline like ISO 28000, ISO 27036 (1-4), NISTIR 7622, NIST SP 800-161?
- February 14, 2022 at 8:18am
Great question, Peter. The most recent details for our security certifications can be found in our Global Impact Report here: https://www.kinaxis.com/en/resources/content/kinaxis-corp/2021-kinaxis-esg
Hope that helps!

Leave a Reply