Third-Party & Supply Chain

At the beginning of last month, news broke that Bank of America had been hit by a data breach. The breach occurred within a third-party service provider, Infosys McCamish Systems LLC (IMS), late last year. As more information has come out it has been revealed that other organizations, notably including Northwestern Mutual, have been affected. According to reports, a ransomware group known as LockBit is responsible for the breach.

Airbus has recently outlined plans to increase aircraft deliveries to customers in 2024, despite grappling with persistent supply chain disruptions. The European aerospace giant revealed robust results for its commercial aircraft business in its latest annual earnings report, signaling optimism for the coming year with a target of 800 commercial aircraft deliveries—65 more than the previous year.

ESG is causing business to evolve across the globe with regulations and guidelines causing organizations to address sustainability risks, and perhaps in no greater area than in supply chains. One of the major issues of concern in ESG globally is modern slavery which includes forced labor, one of the gravest problems that supply chains face, and according to a recent report by Moody’s, food supply chains are particularly susceptible.

European Union (EU) countries have deferred a decision on the proposed Corporate Sustainability Due Diligence Directive (CSDDD), a law aimed at compelling large companies to assess whether their supply chains involve forced labor or contribute to environmental harm. The postponement was prompted by indications from Germany and Italy that they would abstain from voting.

The German supply chain due diligence act (SCDDA) was passed a year ago, and as far-reaching as it was last year it has become even more so with the start of this year. The SCDDA, called Lieferkettengesetz (LkSG) in German, requires that companies operating in Germany exercise due diligence in supply chain when it comes to all aspects of environmental, social, and governance (ESG), which includes everything from human rights violations to compliance with environmental standards.

A surge in supply chain attacks has been fueled by the widespread use of open-source code and legitimate hacking tools, according to a report done by ReverseLabs. Cybersecurity company ReversingLabs highlights the rising popularity of a once-rare and intricate form of cyberattack, attributing the increase to cybercriminals' increased proficiency in executing software supply chain attacks.

Sphera, one of the world’s top environmental, social and governance (ESG) performance and risk management software providers announced on Wednesday that it had acquired SupplyShift who is considered by many to be a pioneer in supply chain sustainability software.