Accendo Reliability

Your Reliability Engineering Professional Development Site

  • Home
  • About
    • Contributors
  • Reliability.fm
    • Speaking Of Reliability
    • Rooted in Reliability: The Plant Performance Podcast
    • Quality during Design
    • Way of the Quality Warrior
    • Critical Talks
    • Dare to Know
    • Maintenance Disrupted
    • Metal Conversations
    • The Leadership Connection
    • Practical Reliability Podcast
    • Reliability Matters
    • Reliability it Matters
    • Maintenance Mavericks Podcast
    • Women in Maintenance
    • Accendo Reliability Webinar Series
  • Articles
    • CRE Preparation Notes
    • on Leadership & Career
      • Advanced Engineering Culture
      • Engineering Leadership
      • Managing in the 2000s
      • Product Development and Process Improvement
    • on Maintenance Reliability
      • Aasan Asset Management
      • AI & Predictive Maintenance
      • Asset Management in the Mining Industry
      • CMMS and Reliability
      • Conscious Asset
      • EAM & CMMS
      • Everyday RCM
      • History of Maintenance Management
      • Life Cycle Asset Management
      • Maintenance and Reliability
      • Maintenance Management
      • Plant Maintenance
      • Process Plant Reliability Engineering
      • ReliabilityXperience
      • RCM Blitz®
      • Rob’s Reliability Project
      • The Intelligent Transformer Blog
      • The People Side of Maintenance
      • The Reliability Mindset
    • on Product Reliability
      • Accelerated Reliability
      • Achieving the Benefits of Reliability
      • Apex Ridge
      • Metals Engineering and Product Reliability
      • Musings on Reliability and Maintenance Topics
      • Product Validation
      • Reliability Engineering Insights
      • Reliability in Emerging Technology
    • on Risk & Safety
      • CERM® Risk Insights
      • Equipment Risk and Reliability in Downhole Applications
      • Operational Risk Process Safety
    • on Systems Thinking
      • Communicating with FINESSE
      • The RCA
    • on Tools & Techniques
      • Big Data & Analytics
      • Experimental Design for NPD
      • Innovative Thinking in Reliability and Durability
      • Inside and Beyond HALT
      • Inside FMEA
      • Integral Concepts
      • Learning from Failures
      • Progress in Field Reliability?
      • R for Engineering
      • Reliability Engineering Using Python
      • Reliability Reflections
      • Testing 1 2 3
      • The Manufacturing Academy
  • eBooks
  • Resources
    • Accendo Authors
    • FMEA Resources
    • Feed Forward Publications
    • Openings
    • Books
    • Webinars
    • Journals
    • Higher Education
    • Podcasts
  • Courses
    • 14 Ways to Acquire Reliability Engineering Knowledge
    • Reliability Analysis Methods online course
    • Measurement System Assessment
    • SPC-Process Capability Course
    • Design of Experiments
    • Foundations of RCM online course
    • Quality during Design Journey
    • Reliability Engineering Statistics
    • Quality Engineering Statistics
    • An Introduction to Reliability Engineering
    • Reliability Engineering for Heavy Industry
    • An Introduction to Quality Engineering
    • Process Capability Analysis course
    • Root Cause Analysis and the 8D Corrective Action Process course
    • Return on Investment online course
    • CRE Preparation Online Course
    • Quondam Courses
  • Webinars
    • Upcoming Live Events
  • Calendar
    • Call for Papers Listing
    • Upcoming Webinars
    • Webinar Calendar
  • Login
    • Member Home

by Greg Hutchins Leave a Comment

Supply Chain Cyber Risk Management

Supply Chain Cyber Risk Management

Cyber security risk is among the most critical risks to the supply chain:

“Cyber and data privacy breaches are perceived to be the largest threat to the stability of transport and logistics, with the sector facing potential breaches of $2 trillion by 2019.”[i]

The reality of a cyber-crime is not if, but when, and how damaging it will  be.  The inevitability of a cyber-attack has forced end-product manufacturers to reassess every element of the end-product manufacturer from product design, outsourcing, and servicing the product.

Cyber security risks will increase exponentially over the next five years.  The challenge is that most products have some type of software.  So more often, suppliers are providing critical products with embedded software that has not been sufficiently quality controlled.  Huge problem.  Counterfeit components, malicious software, or hacktivists can disrupt the supply chain or at a minimum degrade functionality.  Just look at susceptible technology in today’s automobile: automatic collision avoidance, lane-keeping assistance, adaptive cruise control, distance maintenance, front-car collision-avoidance systems, and 3600cameras.

Hacker Attach Risk

Hackers can be hacktivists or nation states.  Hackers more often are exploiting the digital supply chain to add malware or malicious code that hides in the software company’s core software, installation, or patches.  As a result of the Internet of Things (IoT), more hard products have built-in software that are Internet accessible.   Supply chain, cyber-attacks focus on these soft targets such as smart refrigerators that are breachable with relatively little effort.  As well, the benefits of hacking compared to the amount of effort are high.  A hacker can hijack final-customer personal information, core Intellectual Property, financial information, and other core assets relatively easily.

High profile hacker attacks also have become common, just look at Equifax, Securities and Exchange Commission, Deloitte, and many others.  This is the new normal for governments and end-product manufacturers.  Most importantly, these attacks have unimagined consequences.  Aside from losing invaluable information due to the breach, now executive management heads are beginning to roll.  The Chief Information Security Officer and even the Chief Executive Officer may be fired.

Breaches can to have organizational consequences.  The perception is that if senior executives cannot control the organization’s most valuable assets, such as Intellectual Property, then does the business know what it is doing.  Investors pay attention to their investments and want to know that they are secure.

That is why internal and third-party cyber security have become paramount issues with end-product manufacturers and government.

[i] ‘How Easy Is It for Criminals to Find the Weakest Link in Your Digital Supply Chain’, The Loadstar, April 10, 2016.

Bio:

Greg Hutchins is the principal engineer with Quality Plus Engineering.  He is the author of more than 20 books as well as the recently published Supply Chain Risk Management.

Greg is also the founder of:

CERMAcademy.com
800Compete.com
WorkingIt.com

And other start ups.  He can can be reached at GregH@QualityPlusEngineering.com or 503.233.1012

Filed Under: Articles, CERM® Risk Insights, on Risk & Safety

About Greg Hutchins

Greg Hutchins PE CERM is the evangelist of Future of Quality: Risk®. He has been involved in quality since 1985 when he set up the first quality program in North America based on Mil Q 9858 for the natural gas industry. Mil Q became ISO 9001 in 1987

He is the author of more than 30 books. ISO 31000: ERM is the best-selling and highest-rated ISO risk book on Amazon (4.8 stars). Value Added Auditing (4th edition) is the first ISO risk-based auditing book.

« The 5 ‘S’ Method of Operation 
The Value of Balance »

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

CERM® Risk Insights series Article by Greg Hutchins, Editor and noted guest authors

Join Accendo

Receive information and updates about articles and many other resources offered by Accendo Reliability by becoming a member.

It’s free and only takes a minute.

Join Today

Recent Articles

  • test
  • test
  • test
  • Your Most Important Business Equation
  • Your Suppliers Can Be a Risk to Your Project

© 2025 FMS Reliability · Privacy Policy · Terms of Service · Cookies Policy