SlideShare a Scribd company logo

Cybergefahren in der digitalen Supply Chain - Roger Müller

B
Beat Fischer

Cybergefahren in der digitalen Supply Chain

Technology
1 of 24
Download to read offline
Cybergefahren in der digitalen Supply Chain The PRISM of PRIvacy, Security and regulatory coMpliance Roger Müller, Director PwC Consulting and Head Supply Chain & Operations, PricewaterhouseCoopers AG Rodney Fortune, Manager, Cybersecurity, PricewaterhouseCoopers AG
© GS1 Switzerland 201611. GS1 Forum Logistics & Supply Chain | 2. März 2016 The fourth industrial revolution has started – But.. …is your Supply Chain safe against cyber threats? Flexibilityandcomplexity Industry 1.0 Steam engine manufacturing Industry 2.0 Mass production and assembly lines Industry 3.0 Automation and robotic Industry 4.0 Digitization and Integration of Value Chains and Products/ Services (Internet of Things/Services) New Digital Business models Integrated Data Analytics as core capability Digital Enterprise End of 18th century Beginning of 20th century 1970s 2015+ 1800 1900 2000 2014 2020
© GS1 Switzerland 201611. GS1 Forum Logistics & Supply Chain | 2. März 2016
© GS1 Switzerland 201611. GS1 Forum Logistics & Supply Chain | 2. März 2016 Towards a new industrial revolution – The Industry 4.0 framework Source: PwC Industry 4.0 Study, 2015 Innovative digital business models III IV Digitization of product and service offerings Digitization and integration of vertical and horizontal value chains Industry 4.0 II Compliance, security, legal & tax Digital Enablers Organisation, employees and digital culture IT Architecture and data management Digital Coreelements Because of the Internet, mobile devices, applications, and cloud computing, companies and their suppliers can now share a large amount of data at the click of a button. Today, information about everything from order volumes and capacity status to activity-based management protocols and transportation metrics is electronically transmitted between business partners. Cybersecurity is essential in order for Industry 4.0 to work, not only in technological terms, but also in terms of the processes in the value chain.
© GS1 Switzerland 201611. GS1 Forum Logistics & Supply Chain | 2. März 2016 The integrated use of data is the core capability within the framework of Industry 4.0 Importance of data and analysis capabilities within Industry 4.0 93% 76% 68% 61% 61% 54% 5% 22% 20% 27% 27% 20% 2% 2% 12% 12% 12% 26% Generation of additional data (e.g. through expanded sensor technology) Use of realtime data to control production Clear labeling (barcode, RFID, NFC) Use/exchange of data with cooperation partners Analysis of extensive amounts of data in real time Efficient exchange of data along the own value-add chain Neither nor (3) Not important (1,2)Important (4,5) Source: PwC Industry 4.0 Study, 2015
© GS1 Switzerland 201611. GS1 Forum Logistics & Supply Chain | 2. März 2016 Cyber Threats are real and affect business and life 91% of large organisations and 87% of small businesses had security breaches in the last year • Cyber security is now a persistent business risk • Organisations are undoubtedly worried about the rising tide of cybercrime • Looking at security investments by industry shows that spending is down in most sectors, with a few notable exceptions. • The black markets for stolen data are growing in size and complexity. Source: PwC 2015 The Global State of Information Security Survey 2015 91% 87%
© GS1 Switzerland 201611. GS1 Forum Logistics & Supply Chain | 2. März 2016 The dilemma: functionality and simplicity versus security Digitization Globalization The human being The 10-80-10 rule of honesty: According to insiders, it is considered proven that only 10% of adults are completely honest. For80%, it depends on the environment and 10% are dishonest. The digital transformation will change the way how people do business The danger to businesses and their customers from hacking and cyberattacks has become pervasive The markets and the customers are globally not locally Laws and regulations as well as jurisdiction is national
© GS1 Switzerland 201611. GS1 Forum Logistics & Supply Chain | 2. März 2016 Industry 4.0 and Security – Trust versus Risk profile? Cybersecurity is more than an IT challenge—it’s a business imperative. New technologies, well-funded and determined adversaries, and interconnected business ecosystems have combined to increase your exposure to cyberattacks. Your critical digital assets are being targeted at an unprecedented rate and the potential impact to your business has never been greater. Can I trust my communication tools? Can I trust my data and information? Can I trust my my identity? Can I trust my business partner? Can I trust my technology?
© GS1 Switzerland 201611. GS1 Forum Logistics & Supply Chain | 2. März 2016 Industry 4.0 - Adapt to the new realities of cybersecurity With Industry 4.0 Information and Data has become a critical supply chain asset, making it increasingly important to protect your data. Information sharing is not limited to supply chain functions like transportation, distribution, logistics, warehousing, inventory management, sourcing, procurement, and order and production planning. Companies share proprietary data across their value chain. Supply chain managers must play a larger role in cybersecurity Purcha- sing Production Logis- tics Planning Company CustomerSupplier Supplier network Cooperation partner Customer network Purchasing Production Logistics Sales Product Development (R&D) Planning Service Horizontal value-add chain (Network) Vertical value-add chain (Company)
© GS1 Switzerland 201611. GS1 Forum Logistics & Supply Chain | 2. März 2016 Each organisation has a unique environment and therefore specific requirements Technology Risks Your business vision Business processes Business applications Devices, systems and platforms Network and communication Digital data  Identify valuable data  Identify threats & risks  Apply appropriate protection
© GS1 Switzerland 201611. GS1 Forum Logistics & Supply Chain | 2. März 2016 Industrial processes demand a high level of connectivity between components of a vertical supply chain Vertical integration of supply/value chain processes • Cyber attacks to CPS systems (incl. industrial espionage) • Privacy • Reverse Engineering • Knowledge of Hardware by integrators, incl. manufacturers • Non-restricted staff access to critical components, systems and data Potential Cyber ThreatsPlanning/ ERP Planning Manufacturing Execution System (MES) Cloud/data management Enterprise Resource Planning (ERP) Horizontal integration with partners Machine to machine communication Engineering for “lot size” Cyber SecurityShop floor Machine Sensors/ Control Product Sensors & control Internet of things New technologies (e. g. 3D print) Autonomous logistics
© GS1 Switzerland 201611. GS1 Forum Logistics & Supply Chain | 2. März 2016 Digitally driven horizontal integration across value chains allows the creation of a virtual SC model Integrated Planning & Operations – Cross-Tier Inventory Optimization Digital Implications Suppliers OEM DealerTier 1 Plants End Customer Make to OrderMake to Order InventoryMachiningAssemblyInventory Tier 1 HQ Market 1 Market 2 Engine 1 Engine 2 Engine n Forecast Forecast Planning ForecastForecast Real-time/near-real-time forecast data propagation can increase efficiency, e. g., optimizing supplier inventory levels Virtual Supply Chain Model Information Flows Components Suppliers IDMs Contract Electronics Mfg P S M D Customers OEM P S M D Material Flows P S M D P S M D P S M D Information Hub Components Suppliers / IDMs OEM/CEM P S M D P S M D P S M D Material Flows Customers P S M D
© GS1 Switzerland 201611. GS1 Forum Logistics & Supply Chain | 2. März 2016 Greed, absence of ethics and weak prosecution / sanctions Adversary motives and tactics evolve as business strategies change and business activities are executed. Not only the ‘good guys’ use technology for their benefit (CCaS/Cyber Crime as a Service))! Organized crime Hacktivists Nation state Adversary Insiders What’s most at risk? Input from Office of the National Counterintelligence Executive, Report to Congress on the Foreign Economic Collection and Industrial Espionage, 2009-2011, October 2011. Emerging technologies Executive travel Automation Health and safety records Business deals information Information and communication technology and data Industrial Control Systems (SCADA) Geological surveys and industrial design (Intellectual Property) Third party connections
© GS1 Switzerland 201611. GS1 Forum Logistics & Supply Chain | 2. März 2016 Industry 4.0 and Data Security – Introducting the concept of «PRISM» Digital operations (Industry 4.0) Dependence and abuse of IT increases (cyber resilience) Megatrends Business processes of the firm Applied Digital Trust (PRISM) Digital PRIvacy Cyber Security Regulatory CoMpliance Supply chain Suppliers Clients
© GS1 Switzerland 201611. GS1 Forum Logistics & Supply Chain | 2. März 2016 Applied Digital Trust (PRISM) as an integral part of electronic business processes Guiding Principles: 1. Processes should be designed and displayed electronically, that the system only allows what is possible 2. Process steps must be designed in a way that controls are integrated and compliance-related data are collected systematically and continuously 3. Data analysis and continuous auditing lay the foundations that compliance-related data are systematically analyzed and reported Process Integrated Compliance Processes Controlling und QA* Data Measuring Measuring Measuring Access data Process data Transaction data Reports Data Analytics / BIG DATA * Quality assurance
© GS1 Switzerland 201611. GS1 Forum Logistics & Supply Chain | 2. März 2016 Applied Digital Trust (PRISM) requires the collection and preparation of relevant data People, Processes, Technology Governance & Control Framework Security, Privacy, Compliance Information (big data) Digital Data classified, separated in trust-domains ICT Infrastructure on premise, outsourced or in the cloud User and devices trusted? Compliant? Sec & Compliance Layer 2: Infrastructure and data access Sec & Compliance Layer 1: user and device identification PRISM Dashboard(s) Strategy and risk appetite Infrastructure,Device,Data Mgmt. Regulation & Standards@ Sec & Compliance Layer 3: Gateways and zone transitions Compliance Mgmt. Data analytics (SIEM, etc.) Requirements & policies
© GS1 Switzerland 201611. GS1 Forum Logistics & Supply Chain | 2. März 2016 Two options how to avoid digital data loss: A: protect and monitor or B: detect and respond ‘Crown jewels’ must be identified and their protection prioritised, monitored and adjusted accordingly. • Technology risk strategy • Security architecture • Target operations model • Security governance • Security assessments • Breach indicator assessment • Data analytics for security information • Threat intelligence Detect malware, attacks and data exfiltration quickly and reliably • Incident response • Forensic services • Crisis management • eDiscovery • Data analytics Respond to incidents efficiently and effectively. Remediate and learn. Monitor & DetectPrevent & Protect Respond & Remediate ‘Data protection by design’ by considering people, processes and technology
© GS1 Switzerland 201611. GS1 Forum Logistics & Supply Chain | 2. März 2016 Five Steps to identify and protect enterprise data appropriately Assess cyber risks and ensure risk landscape is aligned with risk appetite. Reduce, avoid or transfer inacceptable risks Select applicable cyber threat scenarios (10-15) and analyse impact to your business data and customer data Identify your most valuable information assets, align your cyber security strategy with business objectives and get funding Analyse current safeguards and their effectiveness, assess vulnerabilities in your infrastructure and supply chain Implement safeguards, monitor effectiveness, improve processes for earlier detection and reduce the time from detect to respond 1 2 3 4 5
© GS1 Switzerland 201611. GS1 Forum Logistics & Supply Chain | 2. März 2016 Summary: Applied Digital Trust by PRISM Privacy, Security and regulatory compliance? Stepwise procedure: 1. The industrial sector will change in the coming years due to the industrialization / digitization  This is a chance to integrate "Applied Digital Trust" 2. Digital Trust calls for requirements of privacy, security and regulatory compliance that are formulated not only as a policy, but are integrated into the technical infrastructure 3. Security, privacy and compliance should be consolidated into a common architecture and integrated in the process (and not appended) 4. The processes should be designed in a way that only those things are possible, which are permissible 5. Controls should be designed so that their effectiveness is constantly measured and the enforcement of the rules is ensured 6. Digital Trust shall define which reports are to be generated in order to provide quality assurance / that the auditor are satisfied Applied Digital Trust through PRISM is the discipline of designing products or processes that have very low tolerances, are repeatable, and are stable over time
© GS1 Switzerland 201611. GS1 Forum Logistics & Supply Chain | 2. März 2016 Thank you - Your PwC Industry 4.0 experts Talk to us… PwC Risk Assurance PricewaterhouseCoopers AG Birchstrasse 160 CH-8050 Zurich Switzerland Direct +41 58 792 19 46 Mobile + 41 79 128 67 61 rodney.fortune@ch.pwc.com www.pwc.ch Rodney Fortune Manager Cybersecurity Cybersecurity: Threat, Vulnerability & ICS Specialist, Switzerland PwC Management Consulting PricewaterhouseCoopers AG Birchstrasse 160 CH-8050 Zurich Switzerland Direct +41 58 792 1637 Mobile +41 79 878 3180 roger.mueller@ch.pwc.com www.pwc.ch Roger Müller Director Head Supply Chain & Operations Switzerland, Industry 4.0 Lead
© GS1 Switzerland 201611. GS1 Forum Logistics & Supply Chain | 2. März 2016 PwC’s Global Operations Consulting Network – From Strategy to Execution (Category of One) PwC's global operations practice connects clients' strategies with execution. We start with the premise that operations can and should be a strategic asset, and we bring the industry, functional, and technology depth required to rapidly close the gap between ideas and results. Integrated, best-of-breed capabilities and thought leadership Unique combination of strategy, operations, technology, and marketing capabilities to support future consumer businesses
© GS1 Switzerland 201611. GS1 Forum Logistics & Supply Chain | 2. März 2016 PwC’s Global Operations Consulting Network – From Strategy to Execution (Category of One) Together, we bring more than 250 years of experience helping global clients solve their toughest problems Global Supply Chain strategists network with more than 4.500 consultants Unique Supply Chain Strategy, Operations and Execution service portfolio Practical strategists committed to our client’s success Leading Supply Chain Strategy firm Local teams with access to global network Broad and in-depth experience Approach Management Consultants & Coaching oriented consulting approach using know-how and methodology Industry 4.0 Tax & Custom SCM Benchmarking Supply Chain Reference Model (SCOR) Plan Source Make Deliver Swiss-based core team and technical subject matter experts, well linked into
© GS1 Switzerland 201611. GS1 Forum Logistics & Supply Chain | 2. März 2016 We think and advise on end-to-end processes across the entire Supply Chain  How does my supply chain performance compare to that of my competitors?  How confident are we in the resiliency of our supply chain operations?  How do we quickly assess our functional strengths and weaknesses?  How can we maximize return on our existing assets and gauge the value of future improvements?  How do we align our supply chain initiatives with overall strategic objectives?
28.10.2015 | © GS1 Switzerland 2015 | 52 Disclaimer This publication has been prepared for general guidance on matters of interest only, and does not constitute professional advice. You should not act upon the information contained in this publication without obtaining specific professional advice. No representation or warranty (express or implied) is given as to the accuracy or completeness of the information contained in this publication, and, to the extent permitted by law, PricewaterhouseCoopers AG, its members, employees and agents do not accept or assume any liability, responsibility or duty of care for any consequences of you or anyone else acting, or refraining to act, in reliance on the information contained in this publication or for any decision based on it. © 2016 PwC. All rights reserved. In this document, “PwC” refers to PricewaterhouseCoopers AG which is a member firm of PricewaterhouseCoopers International Limited, each member firm of which is a separate legal entity.

Recommended

Iot walmart-case study
Iot walmart-case studyIot walmart-case study
Iot walmart-case studyAravind G
 
The Digital Value Cake
The Digital Value CakeThe Digital Value Cake
The Digital Value CakeTHE MAIN
 
Ftrace Traceability - Jonas Batt
Ftrace Traceability - Jonas BattFtrace Traceability - Jonas Batt
Ftrace Traceability - Jonas BattBeat Fischer
 
TGW008-OnlineGroceryWhitePaper
TGW008-OnlineGroceryWhitePaperTGW008-OnlineGroceryWhitePaper
TGW008-OnlineGroceryWhitePaperAndrew Lockhart
 
Swiss food retailer Coop relies on TGW for expansion of its central distribut...
Swiss food retailer Coop relies on TGW for expansion of its central distribut...Swiss food retailer Coop relies on TGW for expansion of its central distribut...
Swiss food retailer Coop relies on TGW for expansion of its central distribut...Andrew Lockhart
 
Supply Chain Management - Trends, Aufgaben, Ziele + Beispiele
Supply Chain Management - Trends, Aufgaben, Ziele + BeispieleSupply Chain Management - Trends, Aufgaben, Ziele + Beispiele
Supply Chain Management - Trends, Aufgaben, Ziele + BeispieleeEvolution GmbH & Co. KG
 
Home Delivery World - Scaling Click and Collect Beyond the Store
Home Delivery World - Scaling Click and Collect Beyond the StoreHome Delivery World - Scaling Click and Collect Beyond the Store
Home Delivery World - Scaling Click and Collect Beyond the StoreAndrew Lockhart
 
Supply Chain Management
Supply Chain ManagementSupply Chain Management
Supply Chain ManagementUNITY
 

Recommended

Iot walmart-case study
Iot walmart-case studyIot walmart-case study
Iot walmart-case studyAravind G
 
The Digital Value Cake
The Digital Value CakeThe Digital Value Cake
The Digital Value CakeTHE MAIN
 
Ftrace Traceability - Jonas Batt
Ftrace Traceability - Jonas BattFtrace Traceability - Jonas Batt
Ftrace Traceability - Jonas BattBeat Fischer
 
TGW008-OnlineGroceryWhitePaper
TGW008-OnlineGroceryWhitePaperTGW008-OnlineGroceryWhitePaper
TGW008-OnlineGroceryWhitePaperAndrew Lockhart
 
Swiss food retailer Coop relies on TGW for expansion of its central distribut...
Swiss food retailer Coop relies on TGW for expansion of its central distribut...Swiss food retailer Coop relies on TGW for expansion of its central distribut...
Swiss food retailer Coop relies on TGW for expansion of its central distribut...Andrew Lockhart
 
Supply Chain Management - Trends, Aufgaben, Ziele + Beispiele
Supply Chain Management - Trends, Aufgaben, Ziele + BeispieleSupply Chain Management - Trends, Aufgaben, Ziele + Beispiele
Supply Chain Management - Trends, Aufgaben, Ziele + BeispieleeEvolution GmbH & Co. KG
 
Home Delivery World - Scaling Click and Collect Beyond the Store
Home Delivery World - Scaling Click and Collect Beyond the StoreHome Delivery World - Scaling Click and Collect Beyond the Store
Home Delivery World - Scaling Click and Collect Beyond the StoreAndrew Lockhart
 
Supply Chain Management
Supply Chain ManagementSupply Chain Management
Supply Chain ManagementUNITY
 
Supply Chain Management
Supply Chain ManagementSupply Chain Management
Supply Chain ManagementShubham Bhutada
 
Basics of Supply Chain Managment
Basics of Supply Chain ManagmentBasics of Supply Chain Managment
Basics of Supply Chain ManagmentYoussef Serroukh
 
Study on Media Supply Chain Solutions
Study on Media Supply Chain SolutionsStudy on Media Supply Chain Solutions
Study on Media Supply Chain SolutionsHochschule der Medien
 
LinkedIn powerpoint
LinkedIn powerpointLinkedIn powerpoint
LinkedIn powerpointguest2137df
 
Supply Chain Management
Supply Chain ManagementSupply Chain Management
Supply Chain ManagementNurhazman Abdul Aziz
 
26 Disruptive & Technology Trends 2016 - 2018
26 Disruptive & Technology Trends 2016 - 201826 Disruptive & Technology Trends 2016 - 2018
26 Disruptive & Technology Trends 2016 - 2018Brian Solis
 
TEDx Manchester: AI & The Future of Work
TEDx Manchester: AI & The Future of WorkTEDx Manchester: AI & The Future of Work
TEDx Manchester: AI & The Future of WorkVolker Hirsch
 
CyberSecurity in Germany: Research Trends, Industrial Hub and Leading Clusters
CyberSecurity in Germany: Research Trends, Industrial Hub and Leading ClustersCyberSecurity in Germany: Research Trends, Industrial Hub and Leading Clusters
CyberSecurity in Germany: Research Trends, Industrial Hub and Leading ClustersGerd Meier zu Koecker
 
[Europe merge world tour] PAC Importance of Embedded Software
[Europe merge world tour] PAC Importance of Embedded Software[Europe merge world tour] PAC Importance of Embedded Software
[Europe merge world tour] PAC Importance of Embedded SoftwarePerforce
 
Industry 4.0 Overview
Industry 4.0 OverviewIndustry 4.0 Overview
Industry 4.0 OverviewCatalyst Investors
 
WHY WE NEED AN EUROPEAN LOGISTICS DATA SPACE
WHY WE NEED AN EUROPEAN LOGISTICS DATA SPACEWHY WE NEED AN EUROPEAN LOGISTICS DATA SPACE
WHY WE NEED AN EUROPEAN LOGISTICS DATA SPACEThorsten Huelsmann
 
Digital grid: Disruptive digital technologies
Digital grid: Disruptive digital technologiesDigital grid: Disruptive digital technologies
Digital grid: Disruptive digital technologiesAccenture the Netherlands
 
TA CR Day - Industrie 40 (Ralf Wehrspohn, Fraunhofer Institute)
TA CR Day - Industrie 40 (Ralf Wehrspohn, Fraunhofer Institute)TA CR Day - Industrie 40 (Ralf Wehrspohn, Fraunhofer Institute)
TA CR Day - Industrie 40 (Ralf Wehrspohn, Fraunhofer Institute)Technologická agentura ČR
 
PAC Webinar - "Show me the money!" - evaluating market opportunities in cyber...
PAC Webinar - "Show me the money!" - evaluating market opportunities in cyber...PAC Webinar - "Show me the money!" - evaluating market opportunities in cyber...
PAC Webinar - "Show me the money!" - evaluating market opportunities in cyber...Nicolas Beyer
 
OT-IT convergence and IoT: innovate at scale and mitigate cyber risks
OT-IT convergence and IoT: innovate at scale and mitigate cyber risksOT-IT convergence and IoT: innovate at scale and mitigate cyber risks
OT-IT convergence and IoT: innovate at scale and mitigate cyber risksOrange Business Services
 
DWS16 - Connected things forum - Samuel Ropert, IDATE DigiWorld
DWS16 - Connected things forum - Samuel Ropert, IDATE DigiWorldDWS16 - Connected things forum - Samuel Ropert, IDATE DigiWorld
DWS16 - Connected things forum - Samuel Ropert, IDATE DigiWorldIDATE DigiWorld
 
Current state of industrial IoT / Industrie 4.0 markets - IoT Tech Expo
Current state of industrial IoT / Industrie 4.0 markets - IoT Tech ExpoCurrent state of industrial IoT / Industrie 4.0 markets - IoT Tech Expo
Current state of industrial IoT / Industrie 4.0 markets - IoT Tech ExpoKnud Lasse Lueth
 
Current state of industrial IoT / Industrie 4.0 markets - IoT Tech Expo
Current state of industrial IoT / Industrie 4.0 markets - IoT Tech ExpoCurrent state of industrial IoT / Industrie 4.0 markets - IoT Tech Expo
Current state of industrial IoT / Industrie 4.0 markets - IoT Tech ExpoIoTAnalytics
 
CTO-Frühjahrsforum_Huawei_20190412
CTO-Frühjahrsforum_Huawei_20190412CTO-Frühjahrsforum_Huawei_20190412
CTO-Frühjahrsforum_Huawei_20190412MIPLM
 
5G: the context, use cases, privacy, security and rules. Attilio Somma, TIM
5G: the context, use cases, privacy, security and rules. Attilio Somma, TIM5G: the context, use cases, privacy, security and rules. Attilio Somma, TIM
5G: the context, use cases, privacy, security and rules. Attilio Somma, TIMData Driven Innovation
 
Privacy and security policies in supply chain
Privacy and security policies in supply chainPrivacy and security policies in supply chain
Privacy and security policies in supply chainVanya Vladeva
 
BigDataPilotDemoDays - I BiDaaS Application to the Manufacturing Sector Webinar
BigDataPilotDemoDays - I BiDaaS Application to the Manufacturing Sector WebinarBigDataPilotDemoDays - I BiDaaS Application to the Manufacturing Sector Webinar
BigDataPilotDemoDays - I BiDaaS Application to the Manufacturing Sector WebinarBig Data Value Association
 

More Related Content

Viewers also liked

Basics of Supply Chain Managment
Basics of Supply Chain ManagmentBasics of Supply Chain Managment
Basics of Supply Chain ManagmentYoussef Serroukh
 
Study on Media Supply Chain Solutions
Study on Media Supply Chain SolutionsStudy on Media Supply Chain Solutions
Study on Media Supply Chain SolutionsHochschule der Medien
 
LinkedIn powerpoint
LinkedIn powerpointLinkedIn powerpoint
LinkedIn powerpointguest2137df
 
26 Disruptive & Technology Trends 2016 - 2018
26 Disruptive & Technology Trends 2016 - 201826 Disruptive & Technology Trends 2016 - 2018
26 Disruptive & Technology Trends 2016 - 2018Brian Solis
 
TEDx Manchester: AI & The Future of Work
TEDx Manchester: AI & The Future of WorkTEDx Manchester: AI & The Future of Work
TEDx Manchester: AI & The Future of WorkVolker Hirsch
 

Viewers also liked (7)

Supply Chain Management
Supply Chain ManagementSupply Chain Management
Supply Chain Management
 
Basics of Supply Chain Managment
Basics of Supply Chain ManagmentBasics of Supply Chain Managment
Basics of Supply Chain Managment
 
Study on Media Supply Chain Solutions
Study on Media Supply Chain SolutionsStudy on Media Supply Chain Solutions
Study on Media Supply Chain Solutions
 
LinkedIn powerpoint
LinkedIn powerpointLinkedIn powerpoint
LinkedIn powerpoint
 
Supply Chain Management
Supply Chain ManagementSupply Chain Management
Supply Chain Management
 
26 Disruptive & Technology Trends 2016 - 2018
26 Disruptive & Technology Trends 2016 - 201826 Disruptive & Technology Trends 2016 - 2018
26 Disruptive & Technology Trends 2016 - 2018
 
TEDx Manchester: AI & The Future of Work
TEDx Manchester: AI & The Future of WorkTEDx Manchester: AI & The Future of Work
TEDx Manchester: AI & The Future of Work
 

Similar to Cybergefahren in der digitalen Supply Chain - Roger Müller

CyberSecurity in Germany: Research Trends, Industrial Hub and Leading Clusters
CyberSecurity in Germany: Research Trends, Industrial Hub and Leading ClustersCyberSecurity in Germany: Research Trends, Industrial Hub and Leading Clusters
CyberSecurity in Germany: Research Trends, Industrial Hub and Leading ClustersGerd Meier zu Koecker
 
[Europe merge world tour] PAC Importance of Embedded Software
[Europe merge world tour] PAC Importance of Embedded Software[Europe merge world tour] PAC Importance of Embedded Software
[Europe merge world tour] PAC Importance of Embedded SoftwarePerforce
 
WHY WE NEED AN EUROPEAN LOGISTICS DATA SPACE
WHY WE NEED AN EUROPEAN LOGISTICS DATA SPACEWHY WE NEED AN EUROPEAN LOGISTICS DATA SPACE
WHY WE NEED AN EUROPEAN LOGISTICS DATA SPACEThorsten Huelsmann
 
Digital grid: Disruptive digital technologies
Digital grid: Disruptive digital technologiesDigital grid: Disruptive digital technologies
Digital grid: Disruptive digital technologiesAccenture the Netherlands
 
TA CR Day - Industrie 40 (Ralf Wehrspohn, Fraunhofer Institute)
TA CR Day - Industrie 40 (Ralf Wehrspohn, Fraunhofer Institute)TA CR Day - Industrie 40 (Ralf Wehrspohn, Fraunhofer Institute)
TA CR Day - Industrie 40 (Ralf Wehrspohn, Fraunhofer Institute)Technologická agentura ČR
 
PAC Webinar - "Show me the money!" - evaluating market opportunities in cyber...
PAC Webinar - "Show me the money!" - evaluating market opportunities in cyber...PAC Webinar - "Show me the money!" - evaluating market opportunities in cyber...
PAC Webinar - "Show me the money!" - evaluating market opportunities in cyber...Nicolas Beyer
 
OT-IT convergence and IoT: innovate at scale and mitigate cyber risks
OT-IT convergence and IoT: innovate at scale and mitigate cyber risksOT-IT convergence and IoT: innovate at scale and mitigate cyber risks
OT-IT convergence and IoT: innovate at scale and mitigate cyber risksOrange Business Services
 
DWS16 - Connected things forum - Samuel Ropert, IDATE DigiWorld
DWS16 - Connected things forum - Samuel Ropert, IDATE DigiWorldDWS16 - Connected things forum - Samuel Ropert, IDATE DigiWorld
DWS16 - Connected things forum - Samuel Ropert, IDATE DigiWorldIDATE DigiWorld
 
Current state of industrial IoT / Industrie 4.0 markets - IoT Tech Expo
Current state of industrial IoT / Industrie 4.0 markets - IoT Tech ExpoCurrent state of industrial IoT / Industrie 4.0 markets - IoT Tech Expo
Current state of industrial IoT / Industrie 4.0 markets - IoT Tech ExpoKnud Lasse Lueth
 
Current state of industrial IoT / Industrie 4.0 markets - IoT Tech Expo
Current state of industrial IoT / Industrie 4.0 markets - IoT Tech ExpoCurrent state of industrial IoT / Industrie 4.0 markets - IoT Tech Expo
Current state of industrial IoT / Industrie 4.0 markets - IoT Tech ExpoIoTAnalytics
 
CTO-Frühjahrsforum_Huawei_20190412
CTO-Frühjahrsforum_Huawei_20190412CTO-Frühjahrsforum_Huawei_20190412
CTO-Frühjahrsforum_Huawei_20190412MIPLM
 
5G: the context, use cases, privacy, security and rules. Attilio Somma, TIM
5G: the context, use cases, privacy, security and rules. Attilio Somma, TIM5G: the context, use cases, privacy, security and rules. Attilio Somma, TIM
5G: the context, use cases, privacy, security and rules. Attilio Somma, TIMData Driven Innovation
 
Privacy and security policies in supply chain
Privacy and security policies in supply chainPrivacy and security policies in supply chain
Privacy and security policies in supply chainVanya Vladeva
 
BigDataPilotDemoDays - I BiDaaS Application to the Manufacturing Sector Webinar
BigDataPilotDemoDays - I BiDaaS Application to the Manufacturing Sector WebinarBigDataPilotDemoDays - I BiDaaS Application to the Manufacturing Sector Webinar
BigDataPilotDemoDays - I BiDaaS Application to the Manufacturing Sector WebinarBig Data Value Association
 
Germany- ICT Opportunities & Business Analysis
Germany- ICT Opportunities & Business AnalysisGermany- ICT Opportunities & Business Analysis
Germany- ICT Opportunities & Business AnalysisRahil Pathan
 
Supply Chain Management using Internet of Things
Supply Chain Management using Internet of ThingsSupply Chain Management using Internet of Things
Supply Chain Management using Internet of ThingsIRJET Journal
 

Similar to Cybergefahren in der digitalen Supply Chain - Roger Müller (20)

CyberSecurity in Germany: Research Trends, Industrial Hub and Leading Clusters
CyberSecurity in Germany: Research Trends, Industrial Hub and Leading ClustersCyberSecurity in Germany: Research Trends, Industrial Hub and Leading Clusters
CyberSecurity in Germany: Research Trends, Industrial Hub and Leading Clusters
 
[Europe merge world tour] PAC Importance of Embedded Software
[Europe merge world tour] PAC Importance of Embedded Software[Europe merge world tour] PAC Importance of Embedded Software
[Europe merge world tour] PAC Importance of Embedded Software
 
Industry 4.0 Overview
Industry 4.0 OverviewIndustry 4.0 Overview
Industry 4.0 Overview
 
WHY WE NEED AN EUROPEAN LOGISTICS DATA SPACE
WHY WE NEED AN EUROPEAN LOGISTICS DATA SPACEWHY WE NEED AN EUROPEAN LOGISTICS DATA SPACE
WHY WE NEED AN EUROPEAN LOGISTICS DATA SPACE
 
Digital grid: Disruptive digital technologies
Digital grid: Disruptive digital technologiesDigital grid: Disruptive digital technologies
Digital grid: Disruptive digital technologies
 
TA CR Day - Industrie 40 (Ralf Wehrspohn, Fraunhofer Institute)
TA CR Day - Industrie 40 (Ralf Wehrspohn, Fraunhofer Institute)TA CR Day - Industrie 40 (Ralf Wehrspohn, Fraunhofer Institute)
TA CR Day - Industrie 40 (Ralf Wehrspohn, Fraunhofer Institute)
 
PAC Webinar - "Show me the money!" - evaluating market opportunities in cyber...
PAC Webinar - "Show me the money!" - evaluating market opportunities in cyber...PAC Webinar - "Show me the money!" - evaluating market opportunities in cyber...
PAC Webinar - "Show me the money!" - evaluating market opportunities in cyber...
 
OT-IT convergence and IoT: innovate at scale and mitigate cyber risks
OT-IT convergence and IoT: innovate at scale and mitigate cyber risksOT-IT convergence and IoT: innovate at scale and mitigate cyber risks
OT-IT convergence and IoT: innovate at scale and mitigate cyber risks
 
DWS16 - Connected things forum - Samuel Ropert, IDATE DigiWorld
DWS16 - Connected things forum - Samuel Ropert, IDATE DigiWorldDWS16 - Connected things forum - Samuel Ropert, IDATE DigiWorld
DWS16 - Connected things forum - Samuel Ropert, IDATE DigiWorld
 
Current state of industrial IoT / Industrie 4.0 markets - IoT Tech Expo
Current state of industrial IoT / Industrie 4.0 markets - IoT Tech ExpoCurrent state of industrial IoT / Industrie 4.0 markets - IoT Tech Expo
Current state of industrial IoT / Industrie 4.0 markets - IoT Tech Expo
 
Current state of industrial IoT / Industrie 4.0 markets - IoT Tech Expo
Current state of industrial IoT / Industrie 4.0 markets - IoT Tech ExpoCurrent state of industrial IoT / Industrie 4.0 markets - IoT Tech Expo
Current state of industrial IoT / Industrie 4.0 markets - IoT Tech Expo
 
CTO-Frühjahrsforum_Huawei_20190412
CTO-Frühjahrsforum_Huawei_20190412CTO-Frühjahrsforum_Huawei_20190412
CTO-Frühjahrsforum_Huawei_20190412
 
5G: the context, use cases, privacy, security and rules. Attilio Somma, TIM
5G: the context, use cases, privacy, security and rules. Attilio Somma, TIM5G: the context, use cases, privacy, security and rules. Attilio Somma, TIM
5G: the context, use cases, privacy, security and rules. Attilio Somma, TIM
 
Privacy and security policies in supply chain
Privacy and security policies in supply chainPrivacy and security policies in supply chain
Privacy and security policies in supply chain
 
BigDataPilotDemoDays - I BiDaaS Application to the Manufacturing Sector Webinar
BigDataPilotDemoDays - I BiDaaS Application to the Manufacturing Sector WebinarBigDataPilotDemoDays - I BiDaaS Application to the Manufacturing Sector Webinar
BigDataPilotDemoDays - I BiDaaS Application to the Manufacturing Sector Webinar
 
Germany- ICT Opportunities & Business Analysis
Germany- ICT Opportunities & Business AnalysisGermany- ICT Opportunities & Business Analysis
Germany- ICT Opportunities & Business Analysis
 
Supply chain for next generation
Supply chain for next generationSupply chain for next generation
Supply chain for next generation
 
Supply Chain Management using Internet of Things
Supply Chain Management using Internet of ThingsSupply Chain Management using Internet of Things
Supply Chain Management using Internet of Things
 
The New Style of Business
The New Style of Business The New Style of Business
The New Style of Business
 
M2M Journal Summit 2016
M2M Journal Summit 2016M2M Journal Summit 2016
M2M Journal Summit 2016
 

Recently uploaded

Nell’iperspazio con Rocket: il Framework Web di Rust!
Nell’iperspazio con Rocket: il Framework Web di Rust!Nell’iperspazio con Rocket: il Framework Web di Rust!
Nell’iperspazio con Rocket: il Framework Web di Rust!Commit University
 
Dev Dives: Streamline document processing with UiPath Studio Web
Dev Dives: Streamline document processing with UiPath Studio WebDev Dives: Streamline document processing with UiPath Studio Web
Dev Dives: Streamline document processing with UiPath Studio WebUiPathCommunity
 
Advanced Computer Architecture – An Introduction
Advanced Computer Architecture – An IntroductionAdvanced Computer Architecture – An Introduction
Advanced Computer Architecture – An IntroductionDilum Bandara
 
Gen AI in Business - Global Trends Report 2024.pdf
Gen AI in Business - Global Trends Report 2024.pdfGen AI in Business - Global Trends Report 2024.pdf
Gen AI in Business - Global Trends Report 2024.pdfAddepto
 
What is DBT - The Ultimate Data Build Tool.pdf
What is DBT - The Ultimate Data Build Tool.pdfWhat is DBT - The Ultimate Data Build Tool.pdf
What is DBT - The Ultimate Data Build Tool.pdfMounikaPolabathina
 
The Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptx
The Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptxThe Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptx
The Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptxLoriGlavin3
 
Are Multi-Cloud and Serverless Good or Bad?
Are Multi-Cloud and Serverless Good or Bad?Are Multi-Cloud and Serverless Good or Bad?
Are Multi-Cloud and Serverless Good or Bad?Mattias Andersson
 
SAP Build Work Zone - Overview L2-L3.pptx
SAP Build Work Zone - Overview L2-L3.pptxSAP Build Work Zone - Overview L2-L3.pptx
SAP Build Work Zone - Overview L2-L3.pptxNavinnSomaal
 
Unleash Your Potential - Namagunga Girls Coding Club
Unleash Your Potential - Namagunga Girls Coding ClubUnleash Your Potential - Namagunga Girls Coding Club
Unleash Your Potential - Namagunga Girls Coding ClubKalema Edgar
 
Passkey Providers and Enabling Portability: FIDO Paris Seminar.pptx
Passkey Providers and Enabling Portability: FIDO Paris Seminar.pptxPasskey Providers and Enabling Portability: FIDO Paris Seminar.pptx
Passkey Providers and Enabling Portability: FIDO Paris Seminar.pptxLoriGlavin3
 
Hyperautomation and AI/ML: A Strategy for Digital Transformation Success.pdf
Hyperautomation and AI/ML: A Strategy for Digital Transformation Success.pdfHyperautomation and AI/ML: A Strategy for Digital Transformation Success.pdf
Hyperautomation and AI/ML: A Strategy for Digital Transformation Success.pdfPrecisely
 
WordPress Websites for Engineers: Elevate Your Brand
WordPress Websites for Engineers: Elevate Your BrandWordPress Websites for Engineers: Elevate Your Brand
WordPress Websites for Engineers: Elevate Your Brandgvaughan
 
New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024BookNet Canada
 
Take control of your SAP testing with UiPath Test Suite
Take control of your SAP testing with UiPath Test SuiteTake control of your SAP testing with UiPath Test Suite
Take control of your SAP testing with UiPath Test SuiteDianaGray10
 
A Deep Dive on Passkeys: FIDO Paris Seminar.pptx
A Deep Dive on Passkeys: FIDO Paris Seminar.pptxA Deep Dive on Passkeys: FIDO Paris Seminar.pptx
A Deep Dive on Passkeys: FIDO Paris Seminar.pptxLoriGlavin3
 
Developer Data Modeling Mistakes: From Postgres to NoSQL
Developer Data Modeling Mistakes: From Postgres to NoSQLDeveloper Data Modeling Mistakes: From Postgres to NoSQL
Developer Data Modeling Mistakes: From Postgres to NoSQLScyllaDB
 
Scanning the Internet for External Cloud Exposures via SSL Certs
Scanning the Internet for External Cloud Exposures via SSL CertsScanning the Internet for External Cloud Exposures via SSL Certs
Scanning the Internet for External Cloud Exposures via SSL CertsRizwan Syed
 
"Debugging python applications inside k8s environment", Andrii Soldatenko
"Debugging python applications inside k8s environment", Andrii Soldatenko"Debugging python applications inside k8s environment", Andrii Soldatenko
"Debugging python applications inside k8s environment", Andrii SoldatenkoFwdays
 
SIP trunking in Janus @ Kamailio World 2024
SIP trunking in Janus @ Kamailio World 2024SIP trunking in Janus @ Kamailio World 2024
SIP trunking in Janus @ Kamailio World 2024Lorenzo Miniero
 

Recently uploaded (20)

Nell’iperspazio con Rocket: il Framework Web di Rust!
Nell’iperspazio con Rocket: il Framework Web di Rust!Nell’iperspazio con Rocket: il Framework Web di Rust!
Nell’iperspazio con Rocket: il Framework Web di Rust!
 
Dev Dives: Streamline document processing with UiPath Studio Web
Dev Dives: Streamline document processing with UiPath Studio WebDev Dives: Streamline document processing with UiPath Studio Web
Dev Dives: Streamline document processing with UiPath Studio Web
 
Advanced Computer Architecture – An Introduction
Advanced Computer Architecture – An IntroductionAdvanced Computer Architecture – An Introduction
Advanced Computer Architecture – An Introduction
 
Gen AI in Business - Global Trends Report 2024.pdf
Gen AI in Business - Global Trends Report 2024.pdfGen AI in Business - Global Trends Report 2024.pdf
Gen AI in Business - Global Trends Report 2024.pdf
 
What is DBT - The Ultimate Data Build Tool.pdf
What is DBT - The Ultimate Data Build Tool.pdfWhat is DBT - The Ultimate Data Build Tool.pdf
What is DBT - The Ultimate Data Build Tool.pdf
 
The Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptx
The Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptxThe Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptx
The Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptx
 
Are Multi-Cloud and Serverless Good or Bad?
Are Multi-Cloud and Serverless Good or Bad?Are Multi-Cloud and Serverless Good or Bad?
Are Multi-Cloud and Serverless Good or Bad?
 
SAP Build Work Zone - Overview L2-L3.pptx
SAP Build Work Zone - Overview L2-L3.pptxSAP Build Work Zone - Overview L2-L3.pptx
SAP Build Work Zone - Overview L2-L3.pptx
 
Unleash Your Potential - Namagunga Girls Coding Club
Unleash Your Potential - Namagunga Girls Coding ClubUnleash Your Potential - Namagunga Girls Coding Club
Unleash Your Potential - Namagunga Girls Coding Club
 
Passkey Providers and Enabling Portability: FIDO Paris Seminar.pptx
Passkey Providers and Enabling Portability: FIDO Paris Seminar.pptxPasskey Providers and Enabling Portability: FIDO Paris Seminar.pptx
Passkey Providers and Enabling Portability: FIDO Paris Seminar.pptx
 
DMCC Future of Trade Web3 - Special Edition
DMCC Future of Trade Web3 - Special EditionDMCC Future of Trade Web3 - Special Edition
DMCC Future of Trade Web3 - Special Edition
 
Hyperautomation and AI/ML: A Strategy for Digital Transformation Success.pdf
Hyperautomation and AI/ML: A Strategy for Digital Transformation Success.pdfHyperautomation and AI/ML: A Strategy for Digital Transformation Success.pdf
Hyperautomation and AI/ML: A Strategy for Digital Transformation Success.pdf
 
WordPress Websites for Engineers: Elevate Your Brand
WordPress Websites for Engineers: Elevate Your BrandWordPress Websites for Engineers: Elevate Your Brand
WordPress Websites for Engineers: Elevate Your Brand
 
New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
 
Take control of your SAP testing with UiPath Test Suite
Take control of your SAP testing with UiPath Test SuiteTake control of your SAP testing with UiPath Test Suite
Take control of your SAP testing with UiPath Test Suite
 
A Deep Dive on Passkeys: FIDO Paris Seminar.pptx
A Deep Dive on Passkeys: FIDO Paris Seminar.pptxA Deep Dive on Passkeys: FIDO Paris Seminar.pptx
A Deep Dive on Passkeys: FIDO Paris Seminar.pptx
 
Developer Data Modeling Mistakes: From Postgres to NoSQL
Developer Data Modeling Mistakes: From Postgres to NoSQLDeveloper Data Modeling Mistakes: From Postgres to NoSQL
Developer Data Modeling Mistakes: From Postgres to NoSQL
 
Scanning the Internet for External Cloud Exposures via SSL Certs
Scanning the Internet for External Cloud Exposures via SSL CertsScanning the Internet for External Cloud Exposures via SSL Certs
Scanning the Internet for External Cloud Exposures via SSL Certs
 
"Debugging python applications inside k8s environment", Andrii Soldatenko
"Debugging python applications inside k8s environment", Andrii Soldatenko"Debugging python applications inside k8s environment", Andrii Soldatenko
"Debugging python applications inside k8s environment", Andrii Soldatenko
 
SIP trunking in Janus @ Kamailio World 2024
SIP trunking in Janus @ Kamailio World 2024SIP trunking in Janus @ Kamailio World 2024
SIP trunking in Janus @ Kamailio World 2024
 

Cybergefahren in der digitalen Supply Chain - Roger Müller

  • 1. Cybergefahren in der digitalen Supply Chain The PRISM of PRIvacy, Security and regulatory coMpliance Roger Müller, Director PwC Consulting and Head Supply Chain & Operations, PricewaterhouseCoopers AG Rodney Fortune, Manager, Cybersecurity, PricewaterhouseCoopers AG
  • 2. © GS1 Switzerland 201611. GS1 Forum Logistics & Supply Chain | 2. März 2016 The fourth industrial revolution has started – But.. …is your Supply Chain safe against cyber threats? Flexibilityandcomplexity Industry 1.0 Steam engine manufacturing Industry 2.0 Mass production and assembly lines Industry 3.0 Automation and robotic Industry 4.0 Digitization and Integration of Value Chains and Products/ Services (Internet of Things/Services) New Digital Business models Integrated Data Analytics as core capability Digital Enterprise End of 18th century Beginning of 20th century 1970s 2015+ 1800 1900 2000 2014 2020
  • 3. © GS1 Switzerland 201611. GS1 Forum Logistics & Supply Chain | 2. März 2016
  • 4. © GS1 Switzerland 201611. GS1 Forum Logistics & Supply Chain | 2. März 2016 Towards a new industrial revolution – The Industry 4.0 framework Source: PwC Industry 4.0 Study, 2015 Innovative digital business models III IV Digitization of product and service offerings Digitization and integration of vertical and horizontal value chains Industry 4.0 II Compliance, security, legal & tax Digital Enablers Organisation, employees and digital culture IT Architecture and data management Digital Coreelements Because of the Internet, mobile devices, applications, and cloud computing, companies and their suppliers can now share a large amount of data at the click of a button. Today, information about everything from order volumes and capacity status to activity-based management protocols and transportation metrics is electronically transmitted between business partners. Cybersecurity is essential in order for Industry 4.0 to work, not only in technological terms, but also in terms of the processes in the value chain.
  • 5. © GS1 Switzerland 201611. GS1 Forum Logistics & Supply Chain | 2. März 2016 The integrated use of data is the core capability within the framework of Industry 4.0 Importance of data and analysis capabilities within Industry 4.0 93% 76% 68% 61% 61% 54% 5% 22% 20% 27% 27% 20% 2% 2% 12% 12% 12% 26% Generation of additional data (e.g. through expanded sensor technology) Use of realtime data to control production Clear labeling (barcode, RFID, NFC) Use/exchange of data with cooperation partners Analysis of extensive amounts of data in real time Efficient exchange of data along the own value-add chain Neither nor (3) Not important (1,2)Important (4,5) Source: PwC Industry 4.0 Study, 2015
  • 6. © GS1 Switzerland 201611. GS1 Forum Logistics & Supply Chain | 2. März 2016 Cyber Threats are real and affect business and life 91% of large organisations and 87% of small businesses had security breaches in the last year • Cyber security is now a persistent business risk • Organisations are undoubtedly worried about the rising tide of cybercrime • Looking at security investments by industry shows that spending is down in most sectors, with a few notable exceptions. • The black markets for stolen data are growing in size and complexity. Source: PwC 2015 The Global State of Information Security Survey 2015 91% 87%
  • 7. © GS1 Switzerland 201611. GS1 Forum Logistics & Supply Chain | 2. März 2016 The dilemma: functionality and simplicity versus security Digitization Globalization The human being The 10-80-10 rule of honesty: According to insiders, it is considered proven that only 10% of adults are completely honest. For80%, it depends on the environment and 10% are dishonest. The digital transformation will change the way how people do business The danger to businesses and their customers from hacking and cyberattacks has become pervasive The markets and the customers are globally not locally Laws and regulations as well as jurisdiction is national
  • 8. © GS1 Switzerland 201611. GS1 Forum Logistics & Supply Chain | 2. März 2016 Industry 4.0 and Security – Trust versus Risk profile? Cybersecurity is more than an IT challenge—it’s a business imperative. New technologies, well-funded and determined adversaries, and interconnected business ecosystems have combined to increase your exposure to cyberattacks. Your critical digital assets are being targeted at an unprecedented rate and the potential impact to your business has never been greater. Can I trust my communication tools? Can I trust my data and information? Can I trust my my identity? Can I trust my business partner? Can I trust my technology?
  • 9. © GS1 Switzerland 201611. GS1 Forum Logistics & Supply Chain | 2. März 2016 Industry 4.0 - Adapt to the new realities of cybersecurity With Industry 4.0 Information and Data has become a critical supply chain asset, making it increasingly important to protect your data. Information sharing is not limited to supply chain functions like transportation, distribution, logistics, warehousing, inventory management, sourcing, procurement, and order and production planning. Companies share proprietary data across their value chain. Supply chain managers must play a larger role in cybersecurity Purcha- sing Production Logis- tics Planning Company CustomerSupplier Supplier network Cooperation partner Customer network Purchasing Production Logistics Sales Product Development (R&D) Planning Service Horizontal value-add chain (Network) Vertical value-add chain (Company)
  • 10. © GS1 Switzerland 201611. GS1 Forum Logistics & Supply Chain | 2. März 2016 Each organisation has a unique environment and therefore specific requirements Technology Risks Your business vision Business processes Business applications Devices, systems and platforms Network and communication Digital data  Identify valuable data  Identify threats & risks  Apply appropriate protection
  • 11. © GS1 Switzerland 201611. GS1 Forum Logistics & Supply Chain | 2. März 2016 Industrial processes demand a high level of connectivity between components of a vertical supply chain Vertical integration of supply/value chain processes • Cyber attacks to CPS systems (incl. industrial espionage) • Privacy • Reverse Engineering • Knowledge of Hardware by integrators, incl. manufacturers • Non-restricted staff access to critical components, systems and data Potential Cyber ThreatsPlanning/ ERP Planning Manufacturing Execution System (MES) Cloud/data management Enterprise Resource Planning (ERP) Horizontal integration with partners Machine to machine communication Engineering for “lot size” Cyber SecurityShop floor Machine Sensors/ Control Product Sensors & control Internet of things New technologies (e. g. 3D print) Autonomous logistics
  • 12. © GS1 Switzerland 201611. GS1 Forum Logistics & Supply Chain | 2. März 2016 Digitally driven horizontal integration across value chains allows the creation of a virtual SC model Integrated Planning & Operations – Cross-Tier Inventory Optimization Digital Implications Suppliers OEM DealerTier 1 Plants End Customer Make to OrderMake to Order InventoryMachiningAssemblyInventory Tier 1 HQ Market 1 Market 2 Engine 1 Engine 2 Engine n Forecast Forecast Planning ForecastForecast Real-time/near-real-time forecast data propagation can increase efficiency, e. g., optimizing supplier inventory levels Virtual Supply Chain Model Information Flows Components Suppliers IDMs Contract Electronics Mfg P S M D Customers OEM P S M D Material Flows P S M D P S M D P S M D Information Hub Components Suppliers / IDMs OEM/CEM P S M D P S M D P S M D Material Flows Customers P S M D
  • 13. © GS1 Switzerland 201611. GS1 Forum Logistics & Supply Chain | 2. März 2016 Greed, absence of ethics and weak prosecution / sanctions Adversary motives and tactics evolve as business strategies change and business activities are executed. Not only the ‘good guys’ use technology for their benefit (CCaS/Cyber Crime as a Service))! Organized crime Hacktivists Nation state Adversary Insiders What’s most at risk? Input from Office of the National Counterintelligence Executive, Report to Congress on the Foreign Economic Collection and Industrial Espionage, 2009-2011, October 2011. Emerging technologies Executive travel Automation Health and safety records Business deals information Information and communication technology and data Industrial Control Systems (SCADA) Geological surveys and industrial design (Intellectual Property) Third party connections
  • 14. © GS1 Switzerland 201611. GS1 Forum Logistics & Supply Chain | 2. März 2016 Industry 4.0 and Data Security – Introducting the concept of «PRISM» Digital operations (Industry 4.0) Dependence and abuse of IT increases (cyber resilience) Megatrends Business processes of the firm Applied Digital Trust (PRISM) Digital PRIvacy Cyber Security Regulatory CoMpliance Supply chain Suppliers Clients
  • 15. © GS1 Switzerland 201611. GS1 Forum Logistics & Supply Chain | 2. März 2016 Applied Digital Trust (PRISM) as an integral part of electronic business processes Guiding Principles: 1. Processes should be designed and displayed electronically, that the system only allows what is possible 2. Process steps must be designed in a way that controls are integrated and compliance-related data are collected systematically and continuously 3. Data analysis and continuous auditing lay the foundations that compliance-related data are systematically analyzed and reported Process Integrated Compliance Processes Controlling und QA* Data Measuring Measuring Measuring Access data Process data Transaction data Reports Data Analytics / BIG DATA * Quality assurance
  • 16. © GS1 Switzerland 201611. GS1 Forum Logistics & Supply Chain | 2. März 2016 Applied Digital Trust (PRISM) requires the collection and preparation of relevant data People, Processes, Technology Governance & Control Framework Security, Privacy, Compliance Information (big data) Digital Data classified, separated in trust-domains ICT Infrastructure on premise, outsourced or in the cloud User and devices trusted? Compliant? Sec & Compliance Layer 2: Infrastructure and data access Sec & Compliance Layer 1: user and device identification PRISM Dashboard(s) Strategy and risk appetite Infrastructure,Device,Data Mgmt. Regulation & Standards@ Sec & Compliance Layer 3: Gateways and zone transitions Compliance Mgmt. Data analytics (SIEM, etc.) Requirements & policies
  • 17. © GS1 Switzerland 201611. GS1 Forum Logistics & Supply Chain | 2. März 2016 Two options how to avoid digital data loss: A: protect and monitor or B: detect and respond ‘Crown jewels’ must be identified and their protection prioritised, monitored and adjusted accordingly. • Technology risk strategy • Security architecture • Target operations model • Security governance • Security assessments • Breach indicator assessment • Data analytics for security information • Threat intelligence Detect malware, attacks and data exfiltration quickly and reliably • Incident response • Forensic services • Crisis management • eDiscovery • Data analytics Respond to incidents efficiently and effectively. Remediate and learn. Monitor & DetectPrevent & Protect Respond & Remediate ‘Data protection by design’ by considering people, processes and technology
  • 18. © GS1 Switzerland 201611. GS1 Forum Logistics & Supply Chain | 2. März 2016 Five Steps to identify and protect enterprise data appropriately Assess cyber risks and ensure risk landscape is aligned with risk appetite. Reduce, avoid or transfer inacceptable risks Select applicable cyber threat scenarios (10-15) and analyse impact to your business data and customer data Identify your most valuable information assets, align your cyber security strategy with business objectives and get funding Analyse current safeguards and their effectiveness, assess vulnerabilities in your infrastructure and supply chain Implement safeguards, monitor effectiveness, improve processes for earlier detection and reduce the time from detect to respond 1 2 3 4 5
  • 19. © GS1 Switzerland 201611. GS1 Forum Logistics & Supply Chain | 2. März 2016 Summary: Applied Digital Trust by PRISM Privacy, Security and regulatory compliance? Stepwise procedure: 1. The industrial sector will change in the coming years due to the industrialization / digitization  This is a chance to integrate "Applied Digital Trust" 2. Digital Trust calls for requirements of privacy, security and regulatory compliance that are formulated not only as a policy, but are integrated into the technical infrastructure 3. Security, privacy and compliance should be consolidated into a common architecture and integrated in the process (and not appended) 4. The processes should be designed in a way that only those things are possible, which are permissible 5. Controls should be designed so that their effectiveness is constantly measured and the enforcement of the rules is ensured 6. Digital Trust shall define which reports are to be generated in order to provide quality assurance / that the auditor are satisfied Applied Digital Trust through PRISM is the discipline of designing products or processes that have very low tolerances, are repeatable, and are stable over time
  • 20. © GS1 Switzerland 201611. GS1 Forum Logistics & Supply Chain | 2. März 2016 Thank you - Your PwC Industry 4.0 experts Talk to us… PwC Risk Assurance PricewaterhouseCoopers AG Birchstrasse 160 CH-8050 Zurich Switzerland Direct +41 58 792 19 46 Mobile + 41 79 128 67 61 rodney.fortune@ch.pwc.com www.pwc.ch Rodney Fortune Manager Cybersecurity Cybersecurity: Threat, Vulnerability & ICS Specialist, Switzerland PwC Management Consulting PricewaterhouseCoopers AG Birchstrasse 160 CH-8050 Zurich Switzerland Direct +41 58 792 1637 Mobile +41 79 878 3180 roger.mueller@ch.pwc.com www.pwc.ch Roger Müller Director Head Supply Chain & Operations Switzerland, Industry 4.0 Lead
  • 21. © GS1 Switzerland 201611. GS1 Forum Logistics & Supply Chain | 2. März 2016 PwC’s Global Operations Consulting Network – From Strategy to Execution (Category of One) PwC's global operations practice connects clients' strategies with execution. We start with the premise that operations can and should be a strategic asset, and we bring the industry, functional, and technology depth required to rapidly close the gap between ideas and results. Integrated, best-of-breed capabilities and thought leadership Unique combination of strategy, operations, technology, and marketing capabilities to support future consumer businesses
  • 22. © GS1 Switzerland 201611. GS1 Forum Logistics & Supply Chain | 2. März 2016 PwC’s Global Operations Consulting Network – From Strategy to Execution (Category of One) Together, we bring more than 250 years of experience helping global clients solve their toughest problems Global Supply Chain strategists network with more than 4.500 consultants Unique Supply Chain Strategy, Operations and Execution service portfolio Practical strategists committed to our client’s success Leading Supply Chain Strategy firm Local teams with access to global network Broad and in-depth experience Approach Management Consultants & Coaching oriented consulting approach using know-how and methodology Industry 4.0 Tax & Custom SCM Benchmarking Supply Chain Reference Model (SCOR) Plan Source Make Deliver Swiss-based core team and technical subject matter experts, well linked into
  • 23. © GS1 Switzerland 201611. GS1 Forum Logistics & Supply Chain | 2. März 2016 We think and advise on end-to-end processes across the entire Supply Chain  How does my supply chain performance compare to that of my competitors?  How confident are we in the resiliency of our supply chain operations?  How do we quickly assess our functional strengths and weaknesses?  How can we maximize return on our existing assets and gauge the value of future improvements?  How do we align our supply chain initiatives with overall strategic objectives?
  • 24. 28.10.2015 | © GS1 Switzerland 2015 | 52 Disclaimer This publication has been prepared for general guidance on matters of interest only, and does not constitute professional advice. You should not act upon the information contained in this publication without obtaining specific professional advice. No representation or warranty (express or implied) is given as to the accuracy or completeness of the information contained in this publication, and, to the extent permitted by law, PricewaterhouseCoopers AG, its members, employees and agents do not accept or assume any liability, responsibility or duty of care for any consequences of you or anyone else acting, or refraining to act, in reliance on the information contained in this publication or for any decision based on it. © 2016 PwC. All rights reserved. In this document, “PwC” refers to PricewaterhouseCoopers AG which is a member firm of PricewaterhouseCoopers International Limited, each member firm of which is a separate legal entity.