Report identifies security weaknesses in supply chain ?IT


By ·

The Enterprise Strategy Group (ESG), a Milford, MA-based IT industry analyst and consulting organization, recently announced the availability of a new research report titled, Assessing Cyber Supply Chain Security Vulnerabilities Within the U.S. Critical Infrastructure.

The report is based upon data gathered from a survey of 285 security professionals working at organizations that operate in the 18 industries designated as “critical infrastructure” by the United States Department of Homeland Security.

The report, co-sponsored by Hewlett-Packard and other leading IT vendors, found that:

• Sixty-eight percent of the critical infrastructure organizations surveyed have experienced at least one security breach in the past 24 months, and 13% suffered more than three security breaches in the past 24 months.
• Twenty percent of respondents working at critical infrastructure organizations rated the effectiveness of their organization’s security policies, procedures, and technology safeguards as either “fair” or “poor.”
• Seventy-one percent of the critical infrastructure organizations surveyed believe that the security threat landscape will grow worse in the next 24-36 months—26 percent believe it will be “much worse.”

The research also focused specifically on the cyber supply chain policies, processes, and technical safeguards used by critical infrastructure organizations.  The ESG report uncovered that only a small subset of the critical infrastructure organizations surveyed employ cyber supply chain security best practices—therefore many of these firms face an increased risk of a cyber supply chain attack that could impact business operations and service delivery to the public.

“This report highlights that many critical infrastructure organizations can immediately benefit by adopting basic cyber security and supply chain security best practices” said Jon Oltsik, Principal Analyst at the Enterprise Strategy Group and author of this research report.  “Most of the critical infrastructure organizations surveyed are not doing adequate security due diligence on the IT vendors that provide them with products and services.  They haven’t instituted secure software development lifecycles across their enterprises and they don’t have a set of security requirements for third-party business partners with whom they share IT systems. These weaknesses create a real vulnerability and need to be addressed as soon as possible.”

The Report, Assessing Cyber Supply Chain Security Vulnerabilities Within the U.S. Critical Infrastructure, is being provided free of charge and is available for download on the websites of ESG and HP.

About the Author

Patrick Burnson, Executive Editor
Patrick Burnson is executive editor for Logistics Management and Supply Chain Management Review magazines and web sites. Patrick is a widely-published writer and editor who has spent most of his career covering international trade, global logistics, and supply chain management. He lives and works in San Francisco, providing readers with a Pacific Rim perspective on industry trends and forecasts. You can reach him directly at [email protected]

Subscribe to Logistics Management Magazine!

Subscribe today. It's FREE!
Get timely insider information that you can use to better manage your entire logistics operation.
Start your FREE subscription today!

Article Topics

· All Topics
Latest Whitepaper
Improving Packaging: The Cost of Shipping Air is Going Up
Retailers and manufacturers that insist on using inefficient and sloppy packaging methods—oversized boxes, inefficient packaging, poorly constructed palletized contents—are paying for their mistakes in sharply higher freight rates. Pitt Ohio White Paper, Logistics White Paper, Dimensional Packaging
Download Today!
From the July 2016 Issue
While it’s currently a shippers market, the authors of this year’s report contend that we’ve entered a “period of transition” that will usher in a realignment of capacity, lower inventories, economic growth and “moderately higher” rates. It’s time to tighten the ties that bind.
2016 State of Logistics: Third-party logistics
2016 State of Logistics: Ocean freight
View More From this Issue
Subscribe to Our Email Newsletter
Sign up today to receive our FREE, weekly email newsletter!
Latest Webcast
Getting the most out of your 3PL relationship
Join Evan Armstrong, president of Armstrong & Associates, as he explains how creating a balanced portfolio of "Top 50" global and domestic partners can maximize efficiency and mitigate risk.
Register Today!
Regional ports concentrate on growth and connectivity
With the Panama Canal expansion complete, ocean cargo gateways in the Caribbean are investing to...
Digital Reality Check
Just how close are we to the ideal digital supply network? Not as close as we might like to think....

Top 25 ports: West Coast continues to dominate
The Panama Canal expansion is set for late June and may soon be attracting more inbound vessel calls...
Port of Oakland launches smart phone apps for harbor truckers
Innovation uses Bluetooth, GPS to measure how long drivers wait for cargo