The Wannacry Ransomware attack has once again brought all the focus back on the fragility of the cyber world. While all the major IT and financial organizations worked on bracing for this trouble in the best possible manner – the malware does raise glaring questions on the role of procurement in the face of cyber attacks.
The meeting point of procurement strategy and cyber security
Ask any procurement analyst, and you will realize that the sheer volume of data handled by them is gigantic. Be it in the form of supplier information, invoicing, or pricing decisions – procurement teams, are hubs of sensitive data. And therefore, it becomes even more important for them to inculcate the ethos of cyber security in their daily work process.
Integrating the existing procurement processes with cyber security solutions is the first major step towards making your systems ready to handle cyber attacks. This needs to be followed by clear identification of physical and logical architecture of different procurement facilities, so that incorporation of cyber security becomes more focused and simplified. Lastly, it is critical for the procurement professionals to be up-to-date on the latest developments in cyber security. Exposure to conferences on cyber security along with compliance to security process will go a long way in building a procurement strategy that is cyber ready.
Choosing the appropriate cyber security solution
Now, different processes demand different security solutions. Thus, the sensitivity of the data and work procedure needs to be taken into consideration while opting for the cyber security solution.
For instance, the pre-built, commercial-off-the-shelf component is best suited for catalog purchase. But processes which involve the use of critical data need to be integrated with custom-designed solutions.
ISO 27001 – an international standard which certifies that the business has appropriate controls over its data, is yet another strategy which procurement teams can adhere to. In fact, experts suggest that every entity involved in the procurement process needs to adhere to this standard. This will not only strengthen the data security process but will also bring all the stakeholders on a common platform.
For more information on how to protect your procurement process from cyber attacks, Wannacry Ransomware, Payta Cyber attack:
