The Next 9/11: The Risk of a Supply Chain Cyber War

SupplyChainBrain (Gonzalez, ARC Advisory Group) - In the early days of software-as-a-service, security was arguably the top concern many companies had about deploying a SaaS application. While security remains important today, it is no longer a roadblock to implementation, as SaaS has evolved from early-adopter stage to broad adoption, and as solution providers have invested in security (e.g., SAS 70 Type II certification). Google (and presumably Microsoft, too) getting the stamp of approval from the federal government is an important milestone for cloud computing and SaaS. In the WSJ article, Parker Harris, executive vice president of technology at Salesforce.com, which is also seeking GSA approval, agrees: Google’s certification “is validation for cloud computing for the government, and that helps the entire industry.”

Is a 9/11-like cyber attack a low probability, high impact supply chain risk? Perhaps, and there is plenty of literature on how to manage such risks, which includes keeping your fingers crossed and doing nothing. Doing nothing (or not much more than what you’re doing today) might be a justifiable decision, but it’s a decision that has to be reached after your supply chain team and corporate executives have thoroughly analyzed and discussed this risk. The goal is to avoid asking, sometime down the road, how you could have been so complacent for so long.

To view this post on ARC’s Logistics Viewpoints, go to: http://logisticsviewpoints.com/2010/07/27/the-next-911-the-risk-of-a-supply-chain-cyberwar/