Most Read Articles
Supply chain IT systems increasingly vulnerable to attack, analysts warn
By 2016, a single information technology (IT) incident in the supply chain could cost companies millions of dollars in data loss and remediation, according to an October 2012 report issued by two Gartner analysts, Neil MacDonald and Ray Valdes.
The report, "Living in a World Without Trust: When IT's Supply Chain Integrity and Online Infrastructure Get Pwned," says supply chains are increasingly vulnerable to hacker attacks because they require information to be exchanged between multiple partners. ("Pwned" is a slang term that originated in the hacker and online gaming cultures and means "owned" or badly beaten by an opponent.) While companies can shield their own data from hackers within their IT parameters, they often cannot protect the information that flows beyond their firewalls to and from their partners. Hackers are able to exploit weaknesses in those links to successfully penetrate security systems, according to the report.
The report recommends that companies be careful in their use of "open source" information systems and says that they should encrypt all sensitive data. In addition, because online purchasing portals can be especially vulnerable, companies must take steps to strengthen security around IT procurement processes.
The report is part of Gartner's "maverick research" program. Maverick research allows Gartner analysts to pursue new, unconventional research and share their insights, but the resulting reports are not intended to represent the opinion of the entire research firm.
Join the Discussion
After you comment, click Post. If you're not already logged in, you will be asked to log in or register.
We Want to Hear From You! We invite you to share your thoughts and opinions about this article by sending an e-mail to ?Subject=Letter to the Editor: Quarter 2012: Supply chain IT systems increasingly vulnerable to attack, analysts warn"> . We will publish selected readers' comments in future issues of CSCMP's Supply Chain Quarterly. Correspondence may be edited for clarity or for length.