Imagine a world in which you know not only where your cargo is, but
whether it’s still at the right temperature, whether it was dropped,
whether the truck driver braked hard or got stuck in traffic, and
exactly who handled it and when. That’s the world of the Internet of Things
(IoT), and it’s here now: providing deep insights and actionable
information that boosts efficiency , improves safety and fuels the
supply chain. But it also increases risk. According to the World
Economic Forum’s “Global Risks 2015” report, with the IoT, “There are more devices to secure against hackers, and bigger downsides from failure.”
For managers, that means walking a tightrope between leveraging benefits and mitigating risks inherent with the IoT.
Supply Chain Gains
On the positive side,“The IoT lets managers be more responsive to
changing dynamics,” acknowledged John Beattie, business
continuity/vendor risk expert, Sungard Availability Services.
Greater responsiveness translates into improvements in transportation
safety, product safety, loss reduction, and product tracking.
The pharmaceutical industry’s serialization mandate is a case in
point. Globally, the industry is developing special serial numbers and
barcodes detailing information about the product, its production and
chain of custody for every pallet, carton, and individual container.
Deployment will take years, but this will help pharmacists identify
counterfeit products and help manufacturers issue tightly-targeted
recalls.
Temperature sensors are another example. Used with
temperature-sensitive cargo like foods and pharmaceuticals, the most
sophisticated versions can detect temperature excursions and pinpoint
when and where they occurred, their duration, and their extent. With
real-time alerts, carriers can mitigate damages – re-icing cargo or
rerouting shipments, for example.
In Finland, TTS-Kehitys Oy just began testing the DESERVE
(Development platform for Safe and Efficient dRiVE) project, which links
on-vehicle cameras, radar and laser scanners. Developed in
collaboration with VTT Technical Research Centre of Finland Ltd. and
Inveco Finland, it enables drivers to see obstacles and safety risks, or
to control the vehicle remotely. Commercialization is expected in two
years.
Other systems already are used to improve route planning, increase
productivity, and lower the costs per mile by avoiding traffic jams or
running fully-loaded more often. The consulting firm A.T. Kearney, for
example, estimates carriers can reduce the miles trucks run empty
(called deadheads) by 10 percent just by linking information.
In manufacturing, the IoT enables self-governing processes that
resolve issues at their source, before they escalate. “Even in an empty
facility, the IoT can reduce staffing, using sensors to detect
intrusions,” Beattie said.
Clear Benefits, Looming Threats
IoT’s benefits are real. As deployed devices grow from the 1.2
billion estimated by Verizon and ABI Research in 2014 to the 26 billion
devices Gartner IT -0.93% predicts will be in use by 2020, the security threats are real, too.
The risks are two-fold. Adding billions of new data collection and
transmission points creates billions of potential backdoors into
organizations, and each must be managed.
IT Interconnections
A few years ago, even tech-savvy managers believed SCADA (supervisory
control and data acquisition devices) couldn’t be hacked. They were
wrong. Target TGT -0.9%’s
2013 breach, for example, occurred because hackers infiltrated an air
handling system controller, using it as an entry point for the
retailer’s point-of-sale system.
In another SCADA hack, presenters at 2014’s Black Hat security
conference unlocked a car, started it, and drove it around the parking
lot – all remotely.
About the same time, a hacking contest at the DefCon conference
revealed 15 major security flaws in routers. This year, DefCon is
sponsoring an IoT Village specifically to discuss the IoT and discover
security lapses in IoT devices. (Note: DefCon requires contest
participants to alert each device’s manufacture of vulnerabilities
before making them public.)
Management Challenges
IoT vulnerability is staggering. “Managers now must manage their
immediate risks, and also consider those of their suppliers and
carriers,” Beattie stated.
Today’s supply chain is global, with thousands of IoT devices
reporting to the Web in real or near-real time. Breaching even one of
those devices may let cybercriminals access the networks of multiple
organizations, siphoning data or injecting malware.
Close the Backdoors
To minimize risks, close backdoor access by first understanding
devices’ vulnerabilities and both their outgoing and incoming linkages
with other systems.
Also, while IoT data may be stored in a virtual environment, not all
virtual servers have the same levels of security. Obviously, proprietary
data should be stored on secure server instances, but in a dynamic,
virtual computing environment, that doesn’t always happen.
Update Continuity Plans
Businesses also need to reevaluate their business continuity plans.
Beyond catastrophic loss scenarios, “Now they must focus on ensuring
continuity of critical resources: supplier by supplier, system by
system, and sensor by sensor,” Beattie affirmed.
That includes developing contingencies in case network-monitoring
appliances go offline. If an IoT device is hacked, businesses need an
alternative way to identify the breach and determine which data may be
compromised.
“While IoT can trigger tremendous efficiency, it is offset by demands
for additional controls to protect the organization,” Beattie said.
“Managing it is a balancing act.”
What has been your experience with the Internet of Things and the supply chain? Share your comments!
No comments:
Post a Comment