IT security and supplier relationships

Buying materials, products and services from suppliers, as well as supplying materials, products or services to other businesses creates interdependencies and with them – security risks.

You are likely to use the internet to interact with many of your suppliers and customers. Most of the risks that result are the same as if performed offline, and the same precautions should apply. However, there are additional risks – particularly if you are a supplier.

Orders may be placed electronically, without advance warning, prior contact or the opportunity to confirm the customer is who they say they are. This increases the risk of fraud.

‘Just in time’ delivery means that customers might demand to see information about your stock levels or processes, for example, that you would not want seen by competitors. And you may even deliver your services or products electronically to a customer who is otherwise unknown to you. Such additional cyber security risks must be addressed.

Supply chain security

Things can become even more complicated when you are involved in creating a complex product that involves many organizations, some of which may be small businesses like yours, but others could be large multinational companies with little interest in your problems other than seeing the end result achieved.

Cyber security in such a supply chain is important because of the need to share information between the multiple participants to achieve a common objective. Small businesses can find maintaining security in such supply chains difficult because of their limited influence over larger partners.

Your customers and suppliers may want to see evidence that you have adequate cyber security. Find out more about proving your business IT is secure.