By 2016, a single information technology (IT) incident in the supply chain could cost companies millions of dollars in data loss and remediation, according to a report issued last month by two Gartner analysts, Neil MacDonald and Ray Valdes.
The report, "Living in a World Without Trust: When IT's Supply Chain Integrity and Online Infrastructure Get Pwned," says supply chains are increasingly vulnerable to hacker attacks because they require information to be exchanged between multiple partners. ("Pwned" is a slang term that originated in the hacker and online gaming cultures and means "owned" or beat badly by an opponent.) While companies can shield their own data from hackers within their IT parameters, they often cannot protect the information that flows beyond their firewalls to and from their partners. Hackers are able to exploit weaknesses in those links to successfully penetrate security systems, according to the report.
The report recommends that companies be careful in their use of "open source" information systems and says that they should encrypt all sensitive data. In addition, because online purchasing pOréals can be especially vulnerable, companies must take steps to strengthen security around IT procurement processes.
The report is part of Gartner's "Maverick research" program. Maverick research allows Gartner analysts to pursue new, unconventional research and insights but is not meant to be the seen as the opinion of the entire research firm.