Procurement and Cyber Security

What Procurement Professional Need to Know in 2019

PurchTips Edition #440

Cyber Security is an at front and center of the modern supply chain thought processes. Procurement Professionals are required to ensure that their organizations are protected from risks that impact their ability to manage to spend and support operations. The management of spend, support of operations, and shielding organizations from risks is the mission of procurement departments, the reason for their existence.

Procurement and Cyber Security

The Procurement Function is responsible for ensuring a consistent supply of raw material inputs to be utilized by their own conversion or manufacturing processes to produced useful outputs, products, and services that customers are willing to pay for. Cyber Threats can be present in all these activities and can come from all stakeholder groups. Therefore, Cyber Threats can come from internal and external (suppliers, partners, customers) sources.

What are at risks at hand? Everything, corporate secrets, mission-critical recipes, formulas, process data breaches, metrics, sensitive customer information breaches, financial data breaches, lawsuits, brand damage, loss of goodwill, crippling supply chain disruption, and so on.

Procurement Professionals must acquire the skills to collaborate with their IT Departments to do the following:

  1. Identify Points of Cyber Attack in supply chain processes which are the most impactful. The key is to understand the severity of threats, the total number of current intrusions, and the ability of current defense mechanism to detect and neutralize cyber threats
  2. Leverage Computer Hardening processes which create buffer zones around IT systems to shield them from cyber-attacks. A major component of this is to ensure that all activities that do not create value for a business should be curtailed to reduce the probability of cyber-attack
  3. Audit supplier cyber security capability to determine the degree of risks they pose to the buying organizations. Audits include supplier selection processes and ongoing performance monitoring processes
  4. Deploy a Cyber Threat Response Plan which provides protocol on what constitutes a cyber-attack occurs, who is responses, when, where, and how to respond.
  5. Hold procurement staff accountable for cybersecurity processes in their sphere. This is best done when integrated into the performance criteria of the procurement staff. The idea is to create a Pocket of Cyber Security Excellence within the Procurement Organization.

The Better Business Bureau recommends that managers tell their employees the following:

  • Not to open e-mail from unknown sources
  • What to do when they receive suspicious e-mail (when in doubt, delete!)
  • To disconnect from the Internet when not online
  • To consider the risks of file-sharing
  • How to perform data back-up procedures
  • Actions to take if their computers become infected.

NLPA Library: Looking for authoritative procurement templates, tools, webinars, and more?  Stop trying to create resources from scratch and start taking advantage of having exactly what you need right at your fingertips in the NLPA Library.

Want a More Rewarding Procurement Career?

Are you tired of not getting enough opportunities, respect, and money out of your procurement career? Well, guess what? Nothing will change unless you take action towards becoming a world-class procurement professional.

Earning your SPSM® Certification is the action to take if you want to bring the most modern procurement practices into your organization and achieve your career potential.
Download the SPSM® Certification Infopack today to learn how to get started on your journey to a more rewarding procurement career!

Download

Procurement Team Certification

Are you planning a procurement transformation? Or maybe you’ve already begun one.

You should know that there’s a fatal mistake that dooms many procurement transformations. If you want a successful procurement transformation, then there are five benefits of team certification that you absolutely cannot afford to ignore.

Download a free copy of Procurement Team Certification: 5 Benefits That Procurement Leaders Can’t Afford To Ignore

Download


Copyright 2019. This article is the property of the Next Level Purchasing Association and may not be copied or republished in any form without the express written consent of the Next Level Purchasing Association. Click here to request republishing permission.

By David Millington, SPSM, SPSM2, SPSM3 - Director of Education (Next Level Purchasing Association)

final

Want to get more procurement articles by email for free?

Members of the NLPA get great articles just like this by email every month. As a member, you will also get access to:

And the best part is that membership in the NLPA is Free! Sign up today and you'll receive a username and password that will allow you to access all of the benefits that come with the NLPA membership.



 
 
 
 

Upcoming Webinar - 2019 Procurement Trends That Will Change Your Business Timer Reserve your spot

Webinar