Cybersecurity Quarterly Survey, Q1 2022Cybersecurity Quarterly Survey, Q1 2022

This quarterly survey will track the state of cybersecurity through 2022. Benchmark your cybersecurity initiatives against peers in Q1, 2022.

Related Tags
What's your approach to network segmentation? Share your best practices/tips/tool recommendations.

Top Answer: Its a must for a better security. Beside the traditional VLANs lately I have been deploying SDNs to do micro segmentation on VM level

Related Tags
What are your biggest challenges in handling consumer data with respect to data privacy and security and what tools and processes help you manage these?

Top Answer: Biggest concerns are clients data leak. We use a combination of controls to reduce the risk.

Related Tags
What do you view as the biggest risk for potential cybersecurity incidents?

Top Answer: These categories don't appear to be mutually exclusive to me. Ransomware/Malware is often introduced through phishing campaigns, which require human error (or at least, gullability) to be successful.

What are some specific impacts of supply chain issues over the past year?

Top Answer: Here is my short list:  - IT Budgets: These have been unpredictable and affect the ability to prioritize and deliver. Internally network items, conference building, laptop refresh (hiring although not supply chain), etc are being priced at 140% of some items than were thought in the budget planning a year ago. This may lead to more agile, more frequent cycles.  - Procurement methods: For the items above, ordering from your normal supplier doesn't guarantee you will receive (or in full) the item. IT operations are ordering from alternate sources such as Amazon prioritizing time over price and contract.  -Contract Structuring- If you are buying a component for production from a supplier, you may have net 30 or below terms to get some sort of quick payment incentive. That's great in a normal market, but this is not a normal market. With lead times of months, you may pay for the item well before it is received restricting cash flow. New supply chain finance markets (I lend in these) have opened to bridge the gap with favorable terms for both. Also, breaches of contracts have become more common specifically with carriers. This is causing exponential effort to procure shippers for loads when having to tender multiple sources per shipment.  -ERP modernization needs have been highlighted: The system has been set up to prioritize backlogged orders. That works in normal times, but not in disruptive times with unprecedented consumer behavior and supply chain woes. Additionally, the data that feeds in to the algorithms and configuration + customization has long been left on the vine without updated as it wasn't an issue. Customers had product and inventory was on hand to sell and produce. This all must be updated as well.  - Rise of Value Chain: the entire company organization structure and culture could be changing due to the change of supply chain from being an operations (back office) function to a value drive and competitive advantage. This breaks down the function by function model with individual KPI's and data in to connected and collaborative machine that is truly cross function and able to answer questions of " what is the sales impact if my supplier delivers only 20% of the requested components." It is also the reason there is now the role Chief Supply Chain Officer - Visibility: In order to answer the questions above the company may need to add a route optimization software or other solutions, but the crux is that all of the data from the entire company is required to answer the above question. What is often found is silo'd data that isn't catalogued and there is no way to view it. So dashboards, data governance, catalogs, and an overall intelligence solution with AI/ML.   -Process Optimization - This is a great way to reduce costs and act as a labor retention tool. Process mining can be utilized to understand how many additional clicks, monitor if cold storage item is left out to long, and even understand why this A/P process takes 4X another region.    Innovation/DX/ESG Acceleration to do more with less, house the data and be competitive utilizing things like IoT, 5G, Drones, etc

What is the best Insider Risk Management solution?

Top Answer: I think first it helps to be clear on your insider risk issues. So look at the profiles or personas or relevant roles in your business and then work out what your insider risks are. Once you know the risks, you can get clear on what controls or mitigation strategies you need to put in place or what gaps you have to fill. Then you can look at solutions and tools to help.

Related Tags