IT security in SMEs – Threats and Chances for Supply Chains

Abstract

SMEs contribute to 95% of the volume in global manufacturing. While supply chains are usually dragged by the big players, SMEs have a large share in value-creation through all levels of the chains. Due to their nature, SMEs are struggling with resource constraints and the balancing of priorities. The IT security, securing some of the biggest assets of each company, data and knowledge, is assumed to not match the required level in these companies, while SMEs see themselves as being perfectly prepared. Studies show that SMEs overestimate their preparedness in the case of IT attacks; however, studies show that this field in particular is mistreated because of insufficient finances and insufficient human resource capabilities. Being connected through industry 4.0 and smart technologies, SMEs provide a backdoor for intruders to reach data and knowledge of big companies, even in case of a well-established IT security. Alarming research numbers suggest that more than 50% of companies of all sizes and branches have been fallen prey of IT attacks of any kind. Supply chains try to establish a risk management to mitigate such risks upstream to further suppliers. New technologies, such as Blockchain technology, may provide a new framework for IT security, allowing also for resilience, traceability, and anonymity. While these technologies seem promising, they do not solve the issues of the backdoor provided by SMEs in supply chains and neglected by the supply chain risk management.SMEs contribute to 95% of the volume in global manufacturing. While supply chains are usually dragged by the big players, SMEs have a large share in value-creation through all levels of the chains. Due to their nature, SMEs are struggling with resource constraints and the balancing of priorities. The IT security, securing some of the biggest assets of each company, data and knowledge, is assumed to not match the required level in these companies, while SMEs see themselves as being perfectly prepared. Studies show that SMEs overestimate their preparedness in the case of IT attacks; however, studies show that this field in particular is mistreated because of insufficient finances and insufficient human resource capabilities. Being connected through industry 4.0 and smart technologies, SMEs provide a backdoor for intruders to reach data and knowledge of big companies, even in case of a well-established IT security. Alarming research numbers suggest that more than 50% of companies of all sizes and branches have been fallen prey of IT attacks of any kind. Supply chains try to establish a risk management to mitigate such risks upstream to further suppliers. New technologies, such as Blockchain technology, may provide a new framework for IT security, allowing also for resilience, traceability, and anonymity. While these technologies seem promising, they do not solve the issues of the backdoor provided by SMEs in supply chains and neglected by the supply chain risk management.