In Brief

The Shipping News: Security Pays Off

Supply chain security

By Michael Goldberg

September 01, 2006CSO

Investing in security at ports, borders and other junctions of the global supply chain has been a tough sell for security executiveseven for manufacturers and shippers who face post-9/11 government mandates. Part of the problem is that it's easy to track security costs but tough to pinpoint returns. Now Stanford University researchers have a message for CSOs seeking to manage risks like lost, stolen or delayed shipments: Don't focus on costs. Invest in business processes, because improved customer service and supply chain visibility will benefit security too.

A new Stanford report, "Innovators in Supply Chain Security," sponsored by the National Association of Manufacturers and IBM, studied the security-related investments of 11 manufacturers and three logistics service companies. It found that 38 percent of the companies recorded fewer product losses, 37 percent saw less product tampering, and 30 percent noted improvements in identifying, responding to and resolving supply chain problems. Along with these reduced risks came process improvements such as fewer cargo delays (49 percent), fewer cargo inspections (48 percent) and faster shipments (29 percent).

"If you focus only on the direct benefits of security investments, then it's really hard to justify them," says Barchi Peleg-Gillai, director of research at Stanford's Global Supply Chain Management Forum. "You're taking initiatives to try to prevent some unforeseeable event that might take place, to minimize the risk. It's hard to quantify what might be the impact on the company if such an event takes place."

Companies in the study that made investments to improve day-to-day operations including security found quantifiable benefits to both business efficiency and risk management. The study is available at www.nam.org.

Executives for both IBM and Con-Way, one of the logistics companies, say the biggest payoff for their supply chains was improving the predictability of the movement of goods. Their experiences could help other companies to justify the investments needed to comply with security rules like C-TPAT, while also giving some additional insight to policy-makers considering changes to existing rules, says Randal Mullett, vice president of government relations at Con-Way.

The study "will help government entities know who is bearing the cost, and who is benefiting" from supply chain security, Mullett says.

Other stories by Michael Goldberg

RESOURCE CENTER
Loading...
VIRTUAL CONFERENCE
Data Center Directions Virtual Conference

Data Center VCAttend this free, 100% online event exploring tools and techniques for making your data center deliver for today and tomorrow.

» Learn more and register here

WEBCAST
The Surest Path to Effective and Efficient Compliance

VeriSignIn this webcast, we explore why and how — with best practices, practical tips and solutions that work — to ease your compliance challenge.

» View the webcast

Featured Sponsors
Sponsored Links

Think your data is safe? Think again. It's time to Outthink the Threat. Get eBook now

Configuration Audit and Control for Virtualized Environments

Enabling Compliance with Converged Mainframe Security and Storage

Diebold: Frost & Sullivan Global Physical Security Systems Integrator of the Year

Ponemon Study: How Much Does a Data Breach "Cost"?

Data Protection: Challenges for the Traveling User

Key strategies for C-level executives and security staff

Configuration Assessment: Choosing the Right Solution

The PCI Data Security Standard

Configuration Audit and Control for Virtualized Environments

7 Requirements of Data Loss Prevention

Information Security: Data Drains and How to Prevent Loss

How Are Open Source Development Communities Embracing Security Best Practices?

IDC Defines an Identity and Access Management Submarket

Using Likewise to Comply with PCI Data Security Standard

IDC Defines an Identity and Access Management Submarket for Managing Privileged User Accounts and Meeting GRC Requirements

The Case for Business Software Assurance ~ Securing Your Applications

Forrester Total Economic Impact (TEI) report: Save Millions in Fraud Losses.

Learn how the new Quad-Core AMD Opteron™ processor improves performance

Rolling the dice with your security? Take the Self-Assessment Test now

Take our CSO role survey and receive a copy of the results

Prepare for (ISC)2® Certification With Villanova - Online

Revolutionizing Endpoint Security with a Single Agent

Envision Identity-Based Access Control for the Datacenter

IT Service Management: Metrics That Matter

ITCi White Paper: Challenges and Opportunities of PCI

Effective Security with a Continuous Approach to ISO 27001 Compliance

E-LOAN Maintains Reputation as a Privacy Leader with Symantec

Data Loss Prevention: Keeping Sensitive Data Out of the Wrong Hands

Prudential Financial Protects its Brand with Symantec

Envision Identity-Based Access Control for the Datacenter

Digital Identity Protection and Data Security Get Personal

Welcome to the age of Service-Oriented Security (SOS)

Everything Today's CISO Needs to Know About Using SSO to Succeed in the Web 2.0 Era

Solving Online Credit Fraud Using Device Reputation