Steve Durbin, managing director at ISF (Information Security Forum) – a cybersecurity consulting firm, tells Supply Chain Management Review to expect “evolutionary” changes in the risk scenario this year.
“Security is only as strong as its weakest link,” he says. “Despite organizations' best efforts to secure intellectual property and other sensitive information, limited progress has been made in effectively managing information risk in the supply chain.”
Too often, he adds, data breaches trace back to compromised vendor credentials to access the retailer's internal networks and supply chain. Information shared in the supply chain can include intellectual property, customer-to-employee data, commercial plans or negotiations and logistics.
In this exclusive interview, he expands on this forecast.
Supply Chain Management Review: Total landed costs are driving some companies out of California. Will greater cybersecurity resources keep them from leaving?
Steve Durbin: I doubt the greater cybersecurity resources provided to companies within California would have any impact on a business decision to relocate outside of California. The scarcity of cybersecurity resources is a global phenomenon, and almost anywhere they were to relocate would have similar constraints.
SCMR: Is the cybersecurity “talent gap” unique to California?
Durbin: California has a very large requirement for cybersecurity skills due to the dominance of the information technology and entertainment industries. While many capable cybersecurity professionals reside and work in California due to the availability of high quality jobs. However, the talent gap is so large against the demand that even the attraction of quality jobs cannot address it. Again, this is a global problem.
“Caution should not be confined to manufacturing or distribution partners. It should also embrace professional services suppliers, all of whom share access, often to your most valuable assets.” - Steve Dubin, ISF
SCMR: Should universities and colleges nationwide concentrate on cyber security curriculums?
Durbin: I have always that universities and colleges should focus on core critical thinking skills and leave practical skills to those best suited to teach them; either technology employers or specialized boot camps. The rate of change in technology and the diversity of the installed base for cybersecurity tools is so high that the timeline for University curriculum could never keep up. However, understanding first principles and knowing how to be a critical problem solver applies to any technology you use.
SC
MR
Latest Supply Chain News
- Planning fatigue may be settling in
- Inflation, economic worries among top supply chain concerns for SMBs
- April Services PMI declines following 15 months of growth, reports ISM
- Attacking stubborn COGS inflation with Digital Design-and-Source-to-Value
- Despite American political environment, global geopolitical risks may be easing
- More News
Latest Podcast
Explore
Business Management News
- Planning fatigue may be settling in
- Inflation, economic worries among top supply chain concerns for SMBs
- April Services PMI declines following 15 months of growth, reports ISM
- Attacking stubborn COGS inflation with Digital Design-and-Source-to-Value
- Joseph Esteves named CEO of SGS Maine Pointe
- Employees, employers hold divergent views on upskilling the workforce
- More Business Management