In the evolving cybersecurity industry, one of the biggest takeaways from the COVID-19 pandemic is how fragile supply chains are in healthcare. Over the last two years, healthcare leaders have struggled with the challenges of preparedness, resiliency, continuity, and a secure supply chain. Healthcare supply chains have become easy targets for cyber attacks despite the crisis, chaos, and shortages of supplies, personal protective equipment (PPE), and employees.
Healthcare requires a unified organizational view of third-party and supplier risk and vulnerabilities across the enterprise more than any other industry. Business continuity and resiliency plans must be developed across all third-party technology vendors and non-technical suppliers from the start. The “set it and forget” approach to risk management is no longer acceptable. Continuous and proactive monitoring of these risks across the supplier lifecycle and relationships is crucial for protecting patient safety, data, and care delivery.
The British Standards Institution (BSI) recently published a Supply Chain Risk Insights Report addressing the importance of delivering supply chain resilience and recommendations for 2022. The Supply Chain Risk Insights Report offers insight and resources about the supplier demand for cybersecurity. This report also stresses the importance of understanding suppliers, ensuring sustainability, adapting to multiple challenges, and unlocking potential opportunities. The report states: “As we head towards 2022, it’s clear that we won’t be turning the page on COVID-19 anytime soon, so when it comes to working with business partners and suppliers, we’re going to need to be patient, flexible, and creative in ways the world could never have imagined back in 2019.”
David Fairnie, Principal Consultant, Supply Chain Security at BSI, states that within the last 18 months, organizations have had to make significant changes to their resilience plans. Many are still in crisis management due to the impact of the pandemic. Farnie summarizes the situation: “I’m seeing a significant number of false suppliers acting as genuine potential suppliers in supply chain logistics provision –warehousing distribution, distribution centres, transportation companies – and actually, they are criminal groups trying to infiltrate the logistics supply chain.” Clearly the process and procedure in healthcare risk management need to be addressed, and the relationships with suppliers needs to be nurtured. More than ever, it is critical to “conduct proper due diligence” when onboarding suppliers, including assessing all risks, especially fraud.
Censinet has been working hard to create a better solution in risk management to help identify, reduce, and monitor the likelihood and business impact of cybersecurity breaches and ransomware attacks. Earlier this month, we announced a new offering, Censinet RiskOps for Supply Chain, a significant extension to our core platform to help protect the healthcare supply chain. Censinet RiskOps is the first and only third-party risk management platform built by and for healthcare organizations to manage the threats to patient care that exist within an expanding ecosystem of more than 26,000 assessed vendors and products. Censinet RiskOps for Supply Chain can now quickly assess non-technical suppliers’ risks, generate reports based on data and access insights, improve vendor-engagement workflow, and proactively reduce risks through automated corrective action plans. This capability enables the healthcare supply chain team to move significantly faster through the procurement process while managing technical and non-technical supplier risks. Censinet RiskOps helps provide actionable risk insight to improve decisions made in real-time by both suppliers and healthcare providers and ultimately improve patient care quality.
I am pleased to announce that Censinet RiskOps for Supply Chain is available now. For more information on how healthcare organizations can reduce and avoid the impact of supply chain risks, please click here. How has your healthcare organization been managing supply chain risk through the pandemic? Send me your stories and thoughts here.
We’ll also be hosting a live webinar on supply chain risk featuring two prominent healthcare information veterans: Eric Yablonka, former CIO and Associate Dean at Stanford Health Care and School of Medicine, and Karl West, past CISO Intermountain Healthcare. Watch it live or on-demand.
CEO and Founder, Censinet