Cyber Risk in Supply Chains

As coronavirus swept the world, numerous organisations quickly transitioned towards remote working. However, with so many employees working from home, these less secure environments created new security vulnerabilities. As such, for this episode of LokadTV, we are joined by Professor Richard Wilding, who tackles the complex topic of cyber risk in supply chains with us.

Richard is a Chair (Full Professor) in Supply Chain Strategy at the Centre for Logistics and Supply Chain Management, Cranfield School of Management UK. He works with both European and international companies on logistics and supply chain projects for a vast variety of sectors, such as pharmaceutical, retail, automotive, food, drink and professional services.

He also conducted research into inventory policies of organisations in times of risk and uncertainty, which resulted in international media coverage, including live interviews on BBC1 News, BBC News 24, BBC’s “The Money Programme”, BBC 5 Live and Independent Radio News. He was appointed an Officer of the Most Excellent Order of the British Empire (OBE) by Queen Elizabeth II in the 2013 New Year Honours, for services to business in recognition of outstanding achievements in the area of logistics and supply chain management.

Cyber risk is often extremely counterintuitive in practice. For example, it’s very difficult to detect security problems in software, as most of the usual testing methodologies do not work, and neither do many development practices. It’s a topic that could be described as elusive.

Nowadays, many companies use cloud software, which is generally more secure. However, it is also more exposed to attacks as there are more entry points. Web apps also present entire classes of potential security problems that are, by design, practically impossible to eliminate.

From a supply chain perspective, companies want and need things to be relatively open - to be able to connect with the various elements that make up the chain, i.e. suppliers and customers. But this creates yet more entry points for an attacker.

To wrap things up, we discuss the most common cyber attack tactics, the costly hacking attacks that both Target and Google’s offices in Australia suffered, and what can potentially be done to prevent such attacks - for example, working with “white hat” hackers.

Timestamps

00:08 Introduction

00:27 Richard, perhaps you could start by telling us a little more about yourself and the work you do at Cranfield?

02:46 Joannes, what is your initial overview on cyber risk and its impact on our supply chains?

04:20 What makes our supply chains so hard to secure?

06:34 Is increased connectivity a weakness?

09:29 What are the methods that we can introduce to ensure that our systems are safe?

12:38 Do you want to add something on the methods to make our systems safer?

16:07 What can companies do to protect themselves, especially with an increasing number of staff working from home?

17:42 What is your advice on how to protect a company from cyber risks?

22:08 What do you see for the future of cyber security?