Cyber Security Supply Chain Risk Basics — Part 1

Understanding the security risk within the supply chain

Supply chain security risk is real, and it is very important that an organization understands the risks of doing business with its suppliers, vendors, partners, and other third parties. In this story, we will work through the concept using a simple example.

Let’s understand this with a metaphor: Sam owns a sweet shop that makes 10 different kinds of sweets. Each sweet requires 20 different raw materials, for example sugar, corn syrup, veg oil, almonds, pistachios, milk powder, water, soy, sesame seeds, corn flour, wheat flour, etc. For 10 sweets, the shop needs approx. 100 different raw materials. It has 2 different suppliers for each required material. This means it is working with 200 suppliers.

Once the material is delivered, the shopkeeper prepares and cooks all these sweets with his ten full-time employees working in the kitchen. The sweets are then handled and transported carefully from the kitchen to the shop for display and sale. This means Sam's Sweet Shop relies on several different companies, processes, activities, people, resources, and operating procedures. The supply chain for this sweet shop encompasses all the procedures that facilitate the safe, secure, and hygienic movement of products and services from the various entities to the final customers. This involves the planning, sourcing, procurement, manufacturing, distribution, transportation, and provision of services across all entities. Moreover…

Aakif Shaikh, CISSP, CEH, CHFI, CISA, GWAPT

Written by Aakif Shaikh, CISSP, CEH, CHFI, CISA, GWAPT

Over 18 years of experience in a wide variety of technical domains within information security including information assurance, compliance, and risk management.
