“Biden also mentioned Russia and China as growing threats to American national security and noted the growing wave of cyberattacks, including ransomware attacks, against government agencies and private industry that U.S. officials have linked to agents in both countries.” – The Canadian Press (July 28, 2021)
If you are like most procurement professionals, you probably wonder why—beyond a general and reasonable concern—we should be all that interested in cyberthreats.
After all, isn’t it the responsibility of the IT department to fend off any unwanted and threatening intruders?
Traditionally, you would be right, in that it has always fallen on IT professionals to ensure that the most effective security measures are maintained. However, consider this: More than 50% of all security breaches occur through or originate with third parties, including suppliers.
And who is responsible for your organization’s suppliers?
Welcome to the brave new world of the future of procurement.
When we use the term “new world,” we are talking about the seemingly seismic shift away from the traditional areas on which procurement focuses its attention. You know to what we are referring.
However, replacing things such as our myopic and monolithic concern with cost savings is a new and more demanding set of imperatives.
The reference to the rising number of security breaches throughout our supply base illustrates a progressive responsibility for procurement, especially given what a breach means. According to research, the dwell time for a breach—the period between initial penetration and its discovery—is six months.
Think about that in the context of a robber looting through your home undetected for six months, and consider that it takes up to three more months to resolve the situation and restore security. Also, bear in mind the amount of damage an intruder can cause over such a time period.
Beyond the expanded responsibilities to address supplier encroachment, procurement must also address data modernization and talent misalignment.
We have also become desensitized to increasing expert admonishment urging procurement to take an active part in data cleansing. However, the importance of having clean and accessible data is still an overshadowing issue.
According to IDC, only 5% of all data is analyzed, with 55% tagged as dark data. If you are not familiar with the term, dark data is the information that is collected but never utilized.
This begs the question: With only 5% of the information companies gather being used, how can procurement make sound buying decisions? Also: How can the future of procurement quantify its real performance and value?
As a result, we must take a proactive role in converting information into actionable knowledge; otherwise, how will we prove our “true” value to our respective organizations?
In recent years, CPOs have lamented that their current teams do not possess the necessary skills to help them achieve their strategic objectives.
But is the problem a lack of talent? Or is it misalignment?
And what do we mean by misalignment, exactly?
Are your company’s goals or incentives aligned with achieving the right outcome?
With increasing awareness, we now realize that practices such as constantly rewarding savings and constantly squeezing suppliers damage the buyer-supplier relationship with far-reaching and negative consequences.
Given the critical role that good supplier relations play in a sound procurement strategy, problems in this area have little to do with talent and more to do with misaligned practices and objectives.
The three examples above show how the future of procurement must refocus its energies. There are others, which we will cover in future posts, but these represent a good starting point.