To improve their security posture, organizations are putting a greater focus on their supply chain. However, when many think of supply chain security they only think of trucks and logistics.
This Security Barometer was conducted to assess the lay of the land regarding supply chain security within our community.
Only those that selected “Yes” in the previous question were presented with the following questions.
We encourage you to consider some of the items in this list that your supply chain security team is not currently involved in.
One of the most difficult tasks for security leaders is to be able to communicate the value that their programs offer the organization. Out of the group of survey participants that supported supply chain security for their organizations, two thirds felt that their senior management had a good understanding of the value that their programs could provide.
The survey provided each participant the opportunity to comment on the survey and their answers to the questions. The following are some selected responses edited to protect the privacy of the participants and the organization’s they represent:
- It is a part of our role, but in a more holistic security risk management process. We run everything from geo-political threat intelligence (Fusion Center) which pushes supply chain risk intel to those functions in our business units. The Corporate Security team also leads all global counterfeit investigations, cargo security, site security, toller (3rd) party vulnerability assessments, etc. This is in addition to other responsibilities.
- The company's logistics function relies on its own vendors to assist them with security services.
- Supply Chain Security is divided into different department's responsibilities. We take care [of] onboarding (fulfilling our physical/IT/logistics security as well as business continuity requirements), contract obligations, external certifications, forwarders and storage (logistics), loss investigations, regular reviews ("regular evaluation"), audits and assessments, Fighting Against Forced Labour and Child Labour in Supply Chains Act., etc. However, there is in Corporate Security not "the one" supply chain security specialist spending >25% of their times. In total, we spend about 15% of our time on such topics.
- Senior management see Corp Security is playing a leading role in Supply Chain Security, but they don't have a full understanding of the benefits the program can bring to the company. And - at the stage we are today as a company - they are focusing on other (also) important themes they think are more relevant.
- Supply chain security ("partner security") is done out of purchasing and a dedicated department.
- Corporate security plays a small role in internal investigations only. Many other "supply chain security" functions are spread out across several disparate teams + orgs.
- Our physical security team is not involved in managing or overseeing supply chain.
- Falls outside of direct ownership
- We are only monitoring potential impacts but are starting to work with key stakeholders & leaders to integrate this more from a crisis management and ERM stance.
- We have not devoted any resources to supply chain security, although we have secured our warehouses.
- Supplier Risk is a domain we are focusing on for FY24. Our focus is supply chain risk management for things like disruption due to natural disasters, civil unrest, theft, organized crime etc. We are working to establish a monitoring for events that might impact our supply chain.
- We spend 0% on supply chain security as does our supply chain management team.
- Full-time director that oversees Supply Chain Security program (third-party contract to conduct assessments) and Product Security.
- We have an entire group dedicated fulltime to supply chain security with a global presence.
- Each month, quarterly, and annually, Executive Leadership, including Supply Chain/Distribution Leaders, are provided a report highlighting the value of product protected and cost avoidance.
- The execution of our LP strategy incorporates each of those barometers for it to be measured a success. Field based intel through to customer centric NPS allows for an effective review. Without inbound feedback through client engagement and field intel, we remain blind to organizational threats which are emerging. OCG activity is on the increase within our sector of the supply chain.
We urge you to think of the bigger picture when considering Supply Chain Security. In our minds Supply Chain Security is comprised of the controls, processes and systems specifically put in place to reduce risk across the supply chain life cycle, from supplier onboarding through product integrity and providing customer assurance.
The Security Executive Council team can help you if you are looking to build or improve your programs.
Contact us to discuss your issues and see what we may be able to offer.
Download a PDF of this page: