Source : Procurement Leaders

Three Lessons in Cyber Security

Sophie Dyer

The launch of a new accreditation scheme suggests more needs to be done to protect businesses.

Cyber security breaches cost UK businesses a combined £34.1bn each and every year, attendees at the launch of The Cyber Highway, a UK government-backed accreditation scheme, were told, emphasising the need for more to be done at both at a national and business level.

If the cost alone is not something that spurs businesses into action then the threat of a loss of trust, which can come as another consequence, should do.

It should be on procurement’s radar too because some of those attacks occur through the supply chain, which remains a weak point for businesses.

The Highway is part of a wider cyber security effort in the UK called the National Cyber Security Programme. The Highway itself was launched by former Home Secretary and current chairman of Cyber Essentials Direct, Lord Blunkett.

But, while these help programmes are on offer there are things that businesses can do today to start protecting themselves.


1) Get a decent external defence

Over the last few years a number of high profile businesses have been the victim of cyber-attacks and have paid the price both in terms of money and in a loss of confidence from consumers. Home Depot, JP Morgan, Sony and Target are just a few of those companies who have been targeted.

One of the most essential steps is to ensure that your business is protected externally. Protections need to be implemented throughout the supply chain because the further you go down the supply chain the smaller suppliers get and the less that any emphasis is placed on cyber security. This multiplies the risk further up the supply chain with hackers able to piggyback on different systems talking to one another.

This will involve open and honest communications with suppliers and perhaps investment to help them bring their systems up to scratch.


2) Change the mind-set

Cyber attacks are a risk and that needs to be recognised as a function. Once the team has done that work the threats can be understood and systems and policies implemented, which will be followed and acted upon by the team.

To do that conversations need to be had with peers in other businesses and other industries as well as cyber security experts.

Without this taking place, the business will be exposed.


3) Use cyber security as an opportunity

If procurement leads efforts around cyber security then it will gain recognition for that particularly from other functions, which can open up new opportunities to help save the business money.

That has to be done in the right way though. These systems can’t be bulky or hard to use. They need to be simple and easy to implement.

It has to be done though across the business, not just in one or two functions. If you fail to get systems or policies implemented then that can leave a window of opportunity open to hackers.

Now is the time to act on cyber security. Waiting only increases the chances of your business being the victim.

For more information about The Cyber Highway head to their website.


New Cyber Highway launched to strengthen supply chain defences