Often, enterprises expose themselves to cyber and IT risk during the sourcing and supplier selection process when they fail to conduct proper due diligence on a prospective supplier and that supplier happens to be compromised. Other times, business units or users will insist that the buyer selects a particular supplier, service, or part – either because they have already designed the product and it is now mission-critical, or the supplier is the sole source of the commodity and there is no other option. One can envision other, more nefarious ways in which malware or a “bugged” component ends up in an enterprise’s supply chain.
Via EcoVadis
For most Chief Procurement Officers, cyber/IT security is something outside of their scope of work. Do you have the necessary resources and are you enough prepared to fight existing or potential cyber attacks in your supply chain?
Also read EcoVadis' Whitepaper on Cyber Security Risks