|
As environmental, geopolitical, economic and technological trends shift the way global businesses operate, organizations are urged to reevaluate their risk management policies.
This encouragement comes from a new report by the World Economic Forum that discusses global supply chain disruptions for which companies must prepare.
1. Environmental shifts
This is the topic that spread the most concern through global organizations in the coming year, as natural disasters were ranked as the most-disruptive trigger to influence the supply chain, the report noted. Unfortunately, these occurrences cannot be controlled.
|
 |
Still, companies can prepare by having multiple suppliers and transportation means in place. That way, if one section of the business is shut down, supply chain managers can still operate, even if it is not at full capacity.
2. Geopolitical trends
Political unrest was ranked as the second-highest trigger for global supply chain disruptions in 2012, according to the report. While these incidents are not uncontrollable, they cannot be completely tamed. Instead, WEF classified them as "influenceable," or situations that can be swayed one way or another through time.
As a result of these situations becoming more hostile and troublesome for businesses, the Department of Homeland Security recently released a report aimed at helping companies remain secure in environments outside their governments' control. The agency is also working on standardizing policies across the world to ensure supply chain resilience.
3. Economic concerns
The economy, of course, plays a role in how organizations operate. The World Economic Forum ranked sudden demand shocks as the third-highest issue for global supply chains. This basically boils down to consumer frugality and their lacking desire to spend money.
Again, this type of occurrence is not completely controllable, but can be influenced by companies. One thing that businesses can do is to forget about trying to predict how consumers will spend and instead become a reactive organization, according to an EBN Online report. This will allow them to save money by reducing the storage of unnecessary inventory, enabling them to invest in the final global supply chain disruptor.
4. Technology
Shifts in innovation are something that supply chain managers can control. Even as new solutions enter the market, it is ultimately up to decision-makers whether or not to utilize them.
Communication technologies are the most popular in supply chains. They allow all sections of the business to remain connected, helping companies prepare for each of the other aforementioned disruptions.
|
The payment card industry is undergoing dramatic changes as more consumers and businesses alike utilize mobile devices for making and managing purchases. PCI compliance is just as important as it used to be, though it is becoming more complex as mobile applications are being created, tested and, sometimes, discarded.
As a result, the PCI Security Standards Council will make mobility one of its priorities in the coming year, according to a BankInfoSecurity report.
|
 |
"The adoption of mobile is running rampant, and when it comes to using personal mobile devices, people have not thought about all of the security," PCI SSC general manager Bob Russo said, according to the news source. "We have a task force looking at this, and in 2011 we issued guidance. This year we will be issuing some best practices."
In 2012, the PCI SSC will focus heavily on how organizations can keep data secure in mobile platforms. This can be done through end-to-end encryption technologies, PCI compliance training and a number of other techniques, BankInfoSecurity noted.
Mobile commerce has the ability to completely transform the payment card industry. However, chief information officers should ensure they have secure transaction management solutions in place in order to improve their data loss prevention capabilities, the news source continued.
IT risk management and security should be at the center of an organization's mobile commerce strategies in order to decrease vulnerabilities or the chances of unnecessary exposure, PCI SSC chairman Mike Mitchell said, according to BankInfoSecurity.
As the mobile landscape changes, data breaches are becoming more common, harder to avoid and more crippling to the affected organizations. In its 2012 Endpoint Security Best Practices Survey, Symantec found that more than half of survey respondents that encountered a breach in the last year experienced a significant decrease in productivity. Additionally, another 30 percent of global organizations lost revenue, while 24 percent of participants said their reputation was diminished.
Symantec went further to encourage businesses to take a better stand on security risks by educating employees on PCI compliance, ways to improve data protection and their responsibility and accountability if a breach occurs.
According to the report, more than 80 percent of top-tier companies provide IT risk management and security training to employees.
As the mobile commerce world continues to evolve, preparation and education can be powerful tools to assist the transformation.
|
Every economics class covers the same thing: How to achieve a balance between supply and demand. However, this harmony is often sought, yet rarely achieved by many supply chain managers.
There are many reasons for this, including unpredictable consumer behavior and flaws that are inherently incorporated with long-term supply chain decisions. Nevertheless, there is hope, according to an EBN Online report.
This faith comes in the form of demand-sensing, which is as emerging model that helps supply chain managers take a closer look at how they can remain in balance with demand. In its most basic sense, demand-sensing allows decision-makers to receive information in real time about who is buying what and how it will impact future product availabilities, the news source reported.
|
 |
When these models are correctly initiated, supply chain managers can help their company by reducing the need for just-in-case inventory, improve return on investment, minimize latency and avoid unnecessary risks. However, large supply chains will need more complex communication and collaborative technologies in order to achieve these benefits, EBN Online said.
Still, there are steps that businesses can take in order to improve their supply chain's demand-sensing capabilities, including:
1. Increase visibility between supply chain partners
In order to harness information about changes in demand, it first needs to be accumulated and analyzed, the news source said. By establishing firm connections with different areas of the supply chain, organizations can better process the data and share it.
2. Improve improvisation
Supply chains will need to be agile in order to harness the data that is gathered. For example, if one product is not selling as well as another, supply chain managers need to be able to adjust their quantities quickly without falling out of pace.
3. Establish a sense-and-respond supply chain
This is the final step for having a demand-sensitive supply chain, EBN Online reported. Both of these abilities - recognizing and adapting to changes in demand - need to be executed together, as one without the other will not completely revitalize the company.
In the end, organizations need to understand that efficient supply chains are run through consumption, not forecasting the future. This concept is easy to understand, but the problem lies behind changing comfortable supply chain operations.
As a result, companies should rely more heavily on innovations in technology to help them remain connected with partners and customers, according to a Supply Chain Digital report.
Using new-age communication and collaboration solutions will help them shift their focus to become more efficient.
|
IT risk management is becoming a major part of businesses today as data breaches continue to occur. After reviewing more than 300 data breaches and 2,000 penetration tests from 2011, IT security and compliance solutions provider Trustwave announced trends and best practices for organizations in 2012.
One of the study's findings indicated that data breaches and subsequent investigations are on the rise. The company conducted 42 percent more examinations of incidents in 2011 than 2010, the report said, and there are several reasons why this is happening.
|
 |
Among them is the evolution of sophisticated attacks that are occurring more often. Any organization can fall victim to a data breach if it doesn't have the proper IT risk management policies in place. However, retail stores were one of the most common targets, as their transaction management programs often contain sensitive financial information, the study noted.
Still, there are steps that companies can take to improve their IT risk management practices to better their chances of avoiding these malicious incidents.
1. Employee education
While security software can help keep out authorized users, the best way to avoid a data breach is to have knowledgeable employees who are aware of the risks associated with handling sensitive information. Security awareness should be the foundation of strong data loss prevention practices.
2. User identification
Businesses should be at a point where every operation is tagged to a specific person, Trustwave noted. One way to do this is to implement a data classification program. These technologies only allow certain individuals to access critical data, while enabling employees to label information as sensitive or public. As a result, knowledgeable workers will be able to use their best judgment when it comes to handling information.
3. Standardization of hardware and software
Fragmented technology can be a company's worst enemy when it comes to IT risk management, the report said. By consolidating systems, deconstructing legacy equipment and creating a more homogenous environment, businesses will have fewer variables to monitor, making it easier to protect data, Trustwave noted.
In the end, IT risk management comes down to how the company performs everyday activities. While many believe that innovative technologies are the key to risk and supply chain management, the successful company will be one that prepares through employee education and best practices.
|
During the past year, supply chain management was targeted by Mother Nature, causing managers all over the world to rethink their processes. One weak supply chain practice that was called to attention was the lack of multiple suppliers to maintain operations should a disaster impact the operations of a single provider, according to a Supply Chain Digital report.
As natural disasters, political uprisings and the unstable global economic outlook continue to force companies to close doors, organizations should ensure they have backup suppliers to ensure deliveries are made on time, regardless of unforeseen situations, the news source reported.
|
 |
"Organizations most vulnerable during disasters are those that insist on having just a few suppliers and resist automating their procurement process," industry expert William Gindlesperger said, according to Supply Chain Digital. "You may have the best supplier in the world, but if it is underwater you are stuck without a supplier. You are left scrambling to find a supplier somewhere to deliver what you need, even if the quality doesn’t measure up to what you really expect."
As a result, innovative solutions, like automated procurement, can help organizations stay on track without being limited to one supplier. Traditionally, businesses were restricted to individual partnerships to help them save money and develop relationships. However, if that specific supplier went down, the firm would feel the effect.
With automated vendor selection services, supply chain managers can obtain quotes and services from the highest-quality supplier in their times of need, the news source reported. This is done through complicated algorithms that are generated after the supply chain manager has added at least two dozen trusted suppliers to its database.
When a new supplier is needed, the supply chain manager simply punches in a few specifications the best possible supplier is determined by comparing research with the entered information and the list of trusted providers. The vendors chosen are then required to bid against each other to get the company's business. As a result, organizations can end up saving money while finding last-minute suppliers, Supply Chain Digital noted.
This technology and other innovations will be the focus of April's European conference held by the Council of Supply Chain Management Professionals. At this event, supply chain managers can learn about creative thinking, practices and applications that will help them remain efficient and competitive in the coming years.
|
IT risk management is an important aspect of a successful business, especially those that deal with financial and other sensitive information.
More companies in Ireland, for example, are recognizing that data protection is vital to retain customers, maintain an exceptional reputation and remain competitive with rival firms in the industry.
Unfortunately for these organizations, they are learning these lessons the hard way.
|
 |
According to a study by the Irish Computer Society, IT risk management is becoming a more integral part of business operations not because of successful training and policy programs but because of first-hand experiences with data breaches. In fact, 58 percent of the more than 300 IT administrators surveyed said their company was victim to a breach within the past 12 months, the study noted. Interestingly, these incidents weren't caused by external powers, but instead were mainly derived from employee negligence, lack of awareness or internal operations failing to remain diligent.
As a result, more than one-third of survey respondents said their company places IT risk management too low on the list of priorities. Meanwhile, 28 percent of information technology administrators believe the problem is sheer employee negligence, as an additional one-third of respondents were unsure if their organization even had a form data protection policy in place, according to ICS.
"Employees might appreciate the importance of data security, but organizations need to instill a culture of compliant data management," ICS consultant Hugh Jones said in the report. "Clear policies and procedures are vital, with regular refresher training and timely reviews to ensure that [staff members] are complying with the structures. It is as much a case of protecting the organization's commercial reputation, as it is of protecting the individual's privacy."
Assessing and identifying the potential risks is an important part of managing the situations. Organizations should consider what data is sensitive and how they can protect it efficiently without disrupting the entire company.
This is especially important in transaction management for firms that deal with customer finances. PCI compliance is an important part of these organizations and administrators should ensure that regulations and guidelines for their particular industry are followed.
Taking a companywide approach to the problem is the only way to mitigate risk, as IT likely penetrates the entire business and will affect more than one aspect of it if something goes wrong.
|
As a way to cut spending, more organizations are beginning to shift their supply chains to a more global scale. While this trend helps reduce transportation costs and other expenditures, it also makes risk management a much more important aspect of the business.
This is because complying with international regulatory trade requirements is not always simple, according to an IndustryWeek report.
Neglecting laws can be extremely detrimental to a company's operations, as the fines could reverberate through all aspects of supply chain management.
|
 |
And punishment can go beyond the financial realm, as jail time is also an option for managers claiming ignorance of the rules, the news source reported. This, of course, is leading more companies to have stricter operational and IT risk management policies.
According to IndustryWeek, major trade regulations are expected to be implemented early this year, requiring organizations to potentially reclassify nearly half of their components, resources and end-result products that are transported internationally. While many enterprise resource planning systems can help businesses maintain correspondence with their traveling goods, these solutions will also require an updated IT risk management policy, especially if these services are new to a company.
Meanwhile, global supply chain managers need to incorporate plans for natural disasters that occur around the world, as these too can be felt through an entire business, the news source noted. For example, the volcanic eruption in Iceland and last year's earthquake in Japan rocked a number of industries to their core.
In general, organizations with global supply chains should follow three best practices, including:
- Shift compliance activities as far along the process as possible.
- View compliance as a collaborative management service across multiple areas of the company and supply chain.
- Monitor non-compliance rates with the rest of the industry, allowing the company to make improvements to remain competitive.
Companies may also wish to follow new strategies for global supply chain management that were recently released by the Department of Homeland Security. These initiatives offer guidelines for fast recovery from supply chain disruptions, how to facilitate international trade and travel, as well as how to perform operations effectively in the time of a crisis, according to the DHS.
In the end, global supply chains can greatly benefit a company, but only if they are managed properly and remain compliant.
|
As cloud computing, social networking and other internet-based technologies emerge within the enterprise, traditional on-site application integration solutions are being replaced by cloud-based services.
This is the normal way of evolution, as legacy equipment and software get replaced by newer, more efficient models. The main reason for this is that old application integration technologies simply can't perform the same as new versions, according to a SYS-CON Media report.
|
 |
Additionally, as modern software becomes more complex and mature, the entire application integration market must also adapt to bring all the new technologies together, the news source reported.
However, not everything needs to be ripped up and replaced, as there are still some integration solutions that can be manipulated. This is because a lot of today's technologies and those from the past are similar. The evolution of data and applications through multiple platforms is demanding changes in the integration suites that combine them. This is especially true for companies that are planning to implement or already have deployed cloud-based solutions, according to the news provider.
In years past, the "center of effort" for integration was the mainframe because everything was tied somehow to this system. Throughout the past few decades, on the other hand, the shift toward data centers occurred. This led applications to be migrated to servers which were stored in these silos and connected through local or wide area networks, SYS-CON Media said.
Now, however, everything is becoming integrated into the cloud, including servers and applications. As a result, it makes sense to migrate the physical act of integration to the cloud. This will likely be a trend that is seen throughout 2012, especially as the demand for Software-as-a-Service and other cloud-based offerings increases, the news source noted.
The report also noted that roughly 95 percent of companies plan to implement cloud-based application integration in the future, while 40 percent plan to do so within two years.
According to a Gartner report, the SaaS market in North America alone will be worth nearly $13 billion by 2015, growing from $6.5 billion in 2010. This suggests that the software is rapidly making its approach to the cloud and that application integration services should follow.
The New Year is now in full effect, and businesses need to remain diligent about hitting supply chain goals. This is especially true after witnessing a less-than-stellar 2011. For example, the high-tech supply chain should take a stronger focus on risk management policies after falling victim to the tsunami in Japan, the Thailand floods and the global economy's unpredictability, according to an EBN Online report.
While many organizations were frightfully unprepared for these types of events, the majority of them took the disasters as a wakeup call. Now, companies are integrating disaster recovery and business continuity into their supply chain management programs in order to be prepared if similar incidents happen in the future, the news source reported.
Interestingly, however, many of the high-tech organizations that were affected by these incidents were victims of their own designs, EBN Online noted. In a sense, the demand to be mobile and extend global reaches compounded the damages. Still, these trends of expansion, flexibility and mobility will not go away and instead will require supply chain management to become more dynamic, rather than simply being responsive to these incidents.
Dynamic supply chains should be all about end results. These include financial, tactical and strategic outcomes, with the financial and tactical coming from the organization's core strategy, which could be growth, speed or price competitiveness or superiority in the market, the news source noted. It can also come from customer service, which, believe it or not, is a major aspect of supply chain management.
Nevertheless, the ability to expand a supply chain across global borders has cost companies large initial investments but will help reduce complexities in the long run, EBN Online reported.
One thing that businesses are likely to do in 2012 is improve visibility by using new technologies, according to an IGD report. The use of new services will accelerate, leading the supply chains that utilize these solutions to the best of their ability to keep pace and stay ahead of the competition.
New challenges emerge for supply chain manager every day and will continue to do so throughout 2012. Companies will need to improve transparency while matching goals related to customer satisfaction, employee efficiency and product quality in order to be successful this year.
|
As a way to reduce costs and infrastructure complexities, many retailers are migrating their transaction management processes to cloud computing environment. However, PCI compliance still applies to the cloud, and merchants should be aware of the standards required of them to keep sensitive customer information safe, according to a TechTarget report.
"You may approach a vendor that offers cloud services and they may have been validated as a PCI-compliant provider, but putting your payment systems in their environment does not make you compliant," Michael Dahn of PricewaterhouseCoopers said, according to TechTarget.
|
 |
While there are many benefits of migrating to the cloud, including fewer maintenance responsibilities, businesses should also be aware of the challenges they may encounter. After all, PCI compliance relates to the service being delivered, not the back office operations, the news source reported.
As a result, merchants should have detailed service-level agreements in place that determine accountabilities in regards to certain security incidents. Retailers should also know who is responsible for maintaining and monitoring the data security practices in place, TechTarget said.
"There are many merchants that have been using cloud services for their payment processes for a long time," Forrester Research analyst Chenxi Wang said, according to TechTarget. "While merchants are ultimately responsible, there's shared responsibility with the cloud provider."
Nevertheless, the migration to the cloud should not be feared or avoided. Taking early precautions can help businesses avoid common mistakes and, as a result, allow companies to perform electronic data interchanges better while saving money, the news source noted.
One thing to do in preparation is know what applications, services and processes will be moving to the cloud, TechTarget said. This will give companies a better understanding and view of the entire process, allowing them to make adjustments for a smoother and more secure transition.
Additionally, if retailers maintain complete control over the cardholder environment, it will be easier to manage.
That way, companies can, for instance, use EDI and other secure file transfer solutions through the cloud, while the merchant governs over the information. In fact, more cloud providers are providing EDI support in today's business world, according to Gartner Research. This is making the transportation of data between companies simpler and more secure.
In the end, PCI compliance in the cloud comes down to how well the retailer plans its migration and processes.