Steve Durbin, managing director at ISF (Information Security Forum) – a cybersecurity consulting firm, tells Supply Chain Management Review to expect “evolutionary” changes in the risk scenario this year.
“Security is only as strong as its weakest link,” he says. “Despite organizations' best efforts to secure intellectual property and other sensitive information, limited progress has been made in effectively managing information risk in the supply chain.”
Too often, he adds, data breaches trace back to compromised vendor credentials to access the retailer's internal networks and supply chain. Information shared in the supply chain can include intellectual property, customer-to-employee data, commercial plans or negotiations and logistics.
In this exclusive interview, he expands on this forecast.
Supply Chain Management Review: Total landed costs are driving some companies out of California. Will greater cybersecurity resources keep them from leaving?
Steve Durbin: I doubt the greater cybersecurity resources provided to companies within California would have any impact on a business decision to relocate outside of California. The scarcity of cybersecurity resources is a global phenomenon, and almost anywhere they were to relocate would have similar constraints.
SCMR: Is the cybersecurity “talent gap” unique to California?
Durbin: California has a very large requirement for cybersecurity skills due to the dominance of the information technology and entertainment industries. While many capable cybersecurity professionals reside and work in California due to the availability of high quality jobs. However, the talent gap is so large against the demand that even the attraction of quality jobs cannot address it. Again, this is a global problem.
“Caution should not be confined to manufacturing or distribution partners. It should also embrace professional services suppliers, all of whom share access, often to your most valuable assets.” - Steve Dubin, ISF
SCMR: Should universities and colleges nationwide concentrate on cyber security curriculums?
Durbin: I have always that universities and colleges should focus on core critical thinking skills and leave practical skills to those best suited to teach them; either technology employers or specialized boot camps. The rate of change in technology and the diversity of the installed base for cybersecurity tools is so high that the timeline for University curriculum could never keep up. However, understanding first principles and knowing how to be a critical problem solver applies to any technology you use.
SC
MR
Latest Supply Chain News
- Few executives believe their supply chains can respond quickly to disruptions
- Technology’s role in mending supply chain fragility after recent disruptions
- Tech investments bring revenue increases, survey finds
- Survey reveals strategies for addressing supply chain, logistics labor shortages
- Israel, Ukraine aid package to increase pressure on aerospace and defense supply chains
- More News
Latest Podcast
Explore
Business Management News
- Few executives believe their supply chains can respond quickly to disruptions
- Technology’s role in mending supply chain fragility after recent disruptions
- Survey reveals strategies for addressing supply chain, logistics labor shortages
- How CPG brands can deliver on supplier diversity promises
- How S&OP provides the answer to in-demand products
- AI, virtual reality is bringing experiential learning into the modern age
- More Business Management