Report identifies security weaknesses in supply chain IT

By SCMR Staff
December 07, 2010 - SCMR Editorial

The Enterprise Strategy Group (ESG), a Milford, MA-based IT industry analyst and consulting organization, recently announced the availability of a new research report titled, Assessing Cyber Supply Chain Security Vulnerabilities Within the U.S. Critical Infrastructure.

The report is based upon data gathered from a survey of 285 security professionals working at organizations that operate in the 18 industries designated as “critical infrastructure” by the United States Department of Homeland Security.

The report, co-sponsored by Hewlett-Packard and other leading IT vendors, found that:

• Sixty-eight percent of the critical infrastructure organizations surveyed have experienced at least one security breach in the past 24 months, and 13% suffered more than three security breaches in the past 24 months.
• Twenty percent of respondents working at critical infrastructure organizations rated the effectiveness of their organization’s security policies, procedures, and technology safeguards as either “fair” or “poor.”
• Seventy-one percent of the critical infrastructure organizations surveyed believe that the security threat landscape will grow worse in the next 24-36 months—26 percent believe it will be “much worse.”

The research also focused specifically on the cyber supply chain policies, processes, and technical safeguards used by critical infrastructure organizations. The ESG report found that only a small subset of the critical infrastructure organizations surveyed employ cyber supply chain security best practices, so many of these firms face an increased risk of a cyber supply chain attack that could impact business operations and service delivery to the public.

“This report highlights that many critical infrastructure organizations can immediately benefit by adopting basic cyber security and supply chain security best practices,” said Jon Oltsik, Principal Analyst at the Enterprise Strategy Group and author of this research report. “Most of the critical infrastructure organizations surveyed are not doing adequate security due diligence on the IT vendors that provide them with products and services. They haven’t instituted secure software development lifecycles across their enterprises and they don’t have a set of security requirements for third-party business partners with whom they share IT systems. These weaknesses create a real vulnerability and need to be addressed as soon as possible.”

The report, Assessing Cyber Supply Chain Security Vulnerabilities Within the U.S. Critical Infrastructure, is being provided free of charge and is available for download on the websites of ESG and HP.



About the Author

Patrick Burnson, Executive Editor
Patrick Burnson is executive editor for Logistics Management and Supply Chain Management Review. Patrick covers international trade, global logistics, and supply chain management. He lives and works in San Francisco, providing readers with a Pacific Rim perspective on industry trends and forecasts.
