What’s Ahead in Cybersecurity
Several leading management paradigms need to be reevaluated in light of the effects the pandemic has had on businesses. For example, “just-in-time manufacturing” only works when you have a stable supply chain. The semiconductor shortage illustrates this point well. The combination earlier this year of a cold snap in Texas shutting down factories at major chip makers and a fire at a Japanese chip maker contributed greatly to a shortage of chips. Fortune magazine reported that Ford had to cut global production 50% as a result (https://fortune?.com/2021/08/02/toyota-cars-chip-shortage?-semiconductors).
One could argue that these were temporary slowdowns. However, consider the impact of a long-term event such as a pandemic. Do the benefits of “just-in-time-?manufacturing” outweigh the risk of a long-term disruption to the supply chain? Will the next wave of the pandemic cause the end of “just-in-time manufacturing”? Does this paradigm of manufacturing even make sense, given the revenue loss recently experienced by the automobile industry? Adaptability to change is nearly impossible without diversified supply chains.
Also, consider cybersecurity. Recent cyber-breaches of Kaseya and SolarWinds were a wake-up call for the many companies that relied on those vendors and should be an even bigger wake-up call for anyone who takes the time to consider the long-term systemic consequences of global cyberthreats. Cyberhackers focus on companies that enable them to impact thousands of other companies, so there is a higher likelihood their ransom demands are met.
When companies rely on third-party vendors, those vendors become part of their critical infrastructure. And, unfortunately, that constitutes just about every economic entity on Earth.
It’s time to realize we live in a changed world and learn how to adapt to our strategic vendors being under continuous siege. We need to determine which ones are prepared for that assault and which ones will collapse as quickly as the government of Afghanistan. Whether relying on new or existing vendors, it’s time to demand full transparency. What steps do they take to prevent themselves from being the next victim of a cyberattack? What plans do they have if they are the victim of a cyberbreach, and how and when will they communicate that to the many customers that rely on them? Is security built into their applications, or is it just an afterthought? For these vendors, thinking about security as a nice-to-have is no longer acceptable. What steps have they taken to build security into their applications moving forward?
When you outsource, or turn over control of, critical infrastructure to others, you lose your ability to adapt to change quickly. As Charles Darwin famously posited, it is not strength but rather the ability to adapt that is critical for survival. The current trend of moving to the cloud needs to be reviewed. In many ways, it’s putting your company’s eggs in one basket—and that basket may have been made of very thin material.