Clarifying the Murky State of Digital Supply Chain Security

by | Oct 30, 2023

We’ve talked a lot about the unfortunate chapter that is unfolding in the managed file transfer industry and the cyberattacks that have disrupted operations for many of the organizations affected by the Cl0p ransomware gang. But we firmly believe that good will come of the lessons learned. That may be difficult to fathom for some at the moment, but we’re already hearing that many organizations are taking a closer look at their entire data ecosystem, including the digital supply chain, to identify potential vulnerabilities and weaknesses in their operations. If our peers in the industry are having the same conversations that we are with customers and others concerned with the security of their managed file transfer systems, data exchange will be better for it before too long. That’s a silver lining to a very dark cloud.

Looking for Digital Supply Chain Answers

To try and learn a little more about the change in attitude, we recently ran a poll on LinkedIn asking what respondents knew of the file transfer systems their trading partners were using. Here’s the question we posted:

“Digital supply chains can be a major blind spot in your cybersecurity strategy. You may have breathed a sigh of relief when you realized your managed file transfer solution was Diplomat MFT, but after the recent Cl0p ransomware attacks, do you know what MFT software your trading partners are using?”

The answer that elicited the most clicks was “No idea! How do I find out” with 70% of the vote.

Digging Deeper into Digital Supply Chain Security

Now, I don’t pretend to believe that the results of a LinkedIn poll are anything close to scientific or that the instrument was objective, but our result seemed plausible. So I dug a little deeper and here’s what I found.

According to a June 2023 article in Supply & Demand Chain Executive (taken from a survey by third-party risk management tools vendor Panorays):

  • 13% of organizations continuously monitor third-party security risks.
  • 43% have an insufficient view of fourth-party security risks.
  • 52% find manual data collection and communications cumbersome.

Supply chain educational site Procurement Tactics reports:

  • 83% of companies prioritize customer experience when establishing a digital supply chain strategy.
  • 6% of organizations have full visibility into their digital supply chain.
  • 63% of organizations use a technology solution to monitor their supply chains.

Another survey by logistics and supply chain technology provider Parkour SC found that 99% of organizations can’t fully trust their supply chain data.

Digital Supply Chain Security is a Challenge

It’s clear that, as much as organizations rely on them, digital supply chain management and security is a major challenge today. They can be a major blind spot, and even if an enterprise goes through great pains to lock down the data management and storage systems they own and maintain, every link in the digital supply chains that connect them to customers, partners, and suppliers increases the difficulty of maintaining control.

Where managed file transfer is concerned, it makes sense to insist that trading partners standardize their practices or even standardize on a particular platform. For example, financial services giants JPMorgan and Citi Bank require that their digital trading partners comply with the JPMorgan File Transfer Services and CitiConnect file exchange systems, both of which are standardized on SFTP encrypted transport protocol and PGP file encryption. Our Diplomat MFT platform is compatible with both—and with most other organizations that demand a high level of security from organizations in their file transfer orbit.

We are concerned that so many organizations lack a clear vision of their potential risk with digital supply chains, but are encouraged to learn that many are beginning to take action to take control of their situations by improving their processes and demanding better of their partners. And we are proud that so many organizations trust us to be a secure and reliable part of their digital supply chains by choosing Diplomat MFT as their secure managed file transfer solution. You can give it a try to see if it’s right for your organization. Just download a free 15-day trial and put it through your paces.