Stacy Mendoza's blog

Is Supply Chain Software Risky Business?


Keynote speakers, thought leaders and industry publications show no signs of slowing when it comes to evangelizing the benefits of the supply chain’s digital transformation. With its promises to save you time and money, the market has exploded with offerings of cloud-based solutions, IoT devices and a legion of outsourced practitioners who can make all of your spend visibility and risk management dreams come true. But for all the benefits touted, what is often left out of the conversation is the topic of security, especially as it relates to third-party vendors.

The Path of Least Resistance

As hackers become cleverer in their approaches, they’ve moved from directly attacking large organizations to exploiting vulnerabilities and penetrating third-party cloud software, apps and IoT devices to implant malware directly into the software or steal login credentials. “The challenge with supply chains is that they are multifaceted and there are many places where a hacker can enter,” says Brandon Curry, Senior Vice President with NTT Communications. Curry, who is also a Certified Ethical Hacker, frequently reports on trends in cloud and supply chain software security. He notes that the top costs of a supply chain breach are legal and reputational, with software supply chain attacks costing an average of $1.1 million per attack globally.

Compromised software is one of the primary causes of supply chain software breaches, and the damage isn’t limited to grabbing customer credit card numbers or personally identifiable information (PII). Hackers are also looking to steal intellectual property, mine your customer base, counterfeit your product and take over your market share.

Stacy Mendoza, Digital Marketing Specialist

This Month at SIG – December 2018


And just like that, it’s nearly the new year! With a few weeks left in 2018, you still have time to achieve the professional goals you set earlier in the year. Squeeze in some last-minute training by registering for a webinar, join us as a presenter at a regional SIGnature Event or Global Executive Summit, or consider becoming a contributor to Future of Sourcing Digital.

December Webinars

The Buck Starts Here: Building a Winning Business Case to Transform P2P
Presented by: Zycus
December 6

This webinar will focus on best practices for creating and executing a business case for a Procure-to-Pay (P2P) transformation.

Utilizing a case study that highlights the “flight plan” of Curtiss-Wright, a manufacturer that traces its origins back to the Wright Brothers, webinar attendees will learn how the company transformed its P2P process to arrive at a more strategic destination after discovering imbalanced resource allocation that led to procurement resources spending 80 percent of their time on just 5 percent of the total spend.  

The Services Spend Management Challenge
Presented by: Coupa
December 11

Looking to control and optimize your services spend more effectively? Join this webinar with Coupa for a deep dive into a comprehensive solution that includes advanced services and contingent workers.

You’ll learn how the right technology can streamline your services procurement process and see firsthand how the right solution can enable you to drive more adoption, accelerate your time to value and reduce costs.

Register for your virtual seat now. Can't join at the date and time listed? You can still register to get the on-demand recording!

Stacy Mendoza, Digital Marketing Specialist

Join the Conversation in the SIG Community


The SIG Peer2Peer (P2P) program allows members to access benchmarking insights and best practices on topics specific to their needs. Using the Peer2Peer resource, members can leverage the experience of other industry professionals by posing questions to the greater SIG community on issues they are facing within their organization. Members use the forum to locate resources, source providers, seek advice on hot topics and share their lessons learned.

Below are the latest Peer2Peer inquiries. You or someone on your team may know the answer to one of the questions below. If you do, please take a moment to help a SIG member from the buy-side. You may need their help one day, too! To submit your own Peer2Peer inquiry, get in touch and we’ll pose your question to the SIG Community.

 

Procurement Best Practices

This buy-side member is re-writing their procurement policy and revamping their process for the requested addition/approval of a new supplier. They are seeking best practices for procurement policies, specifically covering the following topics:

  • What spend does/does not require a PO?
  • What are the consequences for procurement policy violations? For example: Committing company funds without a PO or contract.
  • How are violations to the procurement policy enforced?
  • What is the process for requesting a new supplier add? Who reviews/approves/denies this request?

 

Stacy Mendoza, Digital Marketing Specialist

SIG Speaks to Debbie Manos-McHenry, Chief Sourcing Officer, Huntington National Bank


When she’s not challenging the status quo and meeting her budget targets at the bank, Debbie helps to make her community a better place as the leader of the Huntington Women's Network Business Resource Group and as a volunteer with various Columbus charity organizations. A big believer in the power of personal connections, Debbie talks about her role at the bank, the importance of utilizing technology and her tips for building professional relationships that can pay off down the line. Debbie is well-known in the SIG community as a member of the SIG Thought Leadership Council, the SIG University Advisory Board and she leads the Steering Committee of the Risk Management Association’s Third Party Management Round Table.

Your keynote presentation at the Columbus CPO Meet and Eat was about tail spend management--why is this such a hot topic?

Huntington’s sourcing team, like many other companies, is lean. Identifying ways to direct low-dollar, high-transaction volume spend to a consistent, repeatable process through catalogs, spot-buys amongst preferred providers or non-catalog POs helps focus the team on more strategic projects while maintaining cost discipline in the tail.

Stacy Mendoza, Digital Marketing Specialist

SIG's Career Network: Sourcing and Procurement Job Listings


SIG’s Career Network helps job seekers, recruiters and companies find and recruit high-quality talent within sourcing and procurement. SIG member companies can post job listings on our Career Network or post available internships within their organizations. If you’re looking for your next career opportunity, check out our Job Listings page, which is populated with listings from some of the world’s leading companies.

Here are the latest job postings in the Career Network. To see all available opportunities, visit our website.

 

Strategic Sourcing Analyst

Axis Capital
Alpharetta, Georgia

The Strategic Sourcing Analyst will support strategic sourcing and contract administration processes for all categories, in addition to supporting team reporting, category spend analysis and technology support. This is an individual contributor role regularly interacting with AXIS’s Chief Procurement Officer, as well as other senior strategic sourcing staff. The role has broad exposure to all aspects of AXIS’s operations, with the intent to allow a successful individual to rapidly advance into a mid-level role responsible for day-to-day sourcing activity.

 

Manager, Strategic Sourcing – IT

Macy’s
Johns Creek, Georgia

Stacy Mendoza, Digital Marketing Specialist

SIG Speaks to Bruce Morton, Global Head of Strategy, Allegis Global Solutions


Bruce is a distinguished thought leader and global innovator, with over three decades’ experience within the human capital and workforce management industry. In his current role, Bruce is involved in new services and product idea generation, sales presentations, internal and external evangelism, digital and social media strategies, and lead generation. He gives us an inside look into his role, how he acts as a key partner to the business and his outlook on the future of work.

Your CPO keynote presentation at the Denver CPO Meet and Eat is about leveraging spend management within services categories--why is this an important topic?

There is a lot of talk about spend analytics, data and how that is the future of success. Our position is that spend analytics is a wonderful tool and capability but we’ve yet to see the capability evolve beyond goods-level detail.  As procurement teams are continuing to try to find ways to better address services spend and deliver value to their organizations, we feel that there is tremendous opportunity by thinking differently about this space.

Can you share a little more about your day-to-day role and responsibilities as the Global Head of Strategy for Allegis Global Solutions (AGS)?

Stacy Mendoza, Digital Marketing Specialist

4 Things to Know Before you Launch a Category Management Program


A category management program can put your organization on a path to achieve better outcomes, experience greater savings and result in an increased focus on collaboration and innovation. But launching a category management program is not just as simple as flipping a switch.

In our blog post, The Guide to Understanding Category Management, we provided you with a template to develop a business case for category management in a specific spend category and noted that category management is not to be confused with strategic sourcing, although it evolved from the overall strategic sourcing approach.

Before we jump head first into creating our category management program, there are some important considerations to take into account. The Hackett Group (Hackett) and GEP recommend addressing the following four critical needs for an effective program, which are summarized below.


#1: Create an organizational design to best meet the needs of procurement and the business.

Getting visibility into spend analytics is one of the first steps to implementing a successful and sustainable category management program. Then, with your spend data in place, you can begin to develop your category management plan.

Stacy Mendoza, Digital Marketing Specialist

This Month at SIG - October 2018


"Life starts all over again when it gets crisp in the fall." - F. Scott Fitzgerald, The Great Gatsby

It’s the beginning of a new quarter and a new season. As we set our sights on end-of-year goals and put our heads down to meet year-end commitments, don’t forget about the personal and professional growth goals you set at the beginning of this year. Whether it’s attending a conference, taking an hour out of your day to learn a new skill from a webinar or getting a much-needed dose of inspiration from a podcast, SIG has you covered.

Last Call to Register for the Global Executive Summit

SIG’s Fall Global Executive Summit is just around the corner. Sourcing and procurement professionals will convene in Rancho Mirage, California from October 15 to 18 for learning, growing and networking. If you’ve already registered for the Summit, download the SIG Events app to your mobile device or tablet to plan your schedule in advance. 

For seasoned and new attendees alike, there’s lots to see and do at the Summit. Whether it’s validation that you’re managing your own projects in the right way or crowdsourcing a new idea, here’s what you can expect from this year’s Fall Global Executive Summit:

Stacy Mendoza, Digital Marketing Specialist

The Shifting Cyber Threat Landscape


With the rapid acceleration of cloud software, Internet of Things (IoT) and advancements in FinTech, the financial and technology industries saw significant increases in cyberattacks over the past year. Attackers find vulnerabilities in supply chains and software, capitalize on lax security updates and use social engineering to manipulate end-users.

As hackers become more creative in their subversive techniques, businesses need to become more proactive in educating their workforce and stepping up their cyber incident response plans. Businesses should consult with their vendors, third-party suppliers and stakeholders in every business unit to ensure continuity, mitigate risk and verify that security measures are being employed and regularly updated.    

Below are summarized findings from the recent NTT Security Global Threat Intelligence Report that focus specifically on the finance and technology sectors in the Americas, which are the most highly targeted sectors in this region. Recommendations from the National Institute of Standards and Technology Framework are included here as well. Organizations can also look to the Department of Homeland Security’s National Cyber Incident Response Plan for guidance on dealing with and addressing cyber incidents.

Finance and Technology Top the List of Targets

Attacks on the finance sector nearly tripled, accounting for 43 percent of attacks compared with 15 percent the previous year. Attacks targeting the technology sector increased to 27 percent of attacks, up from 11 percent in the previous year. For comparison, manufacturing was the most attacked sector in 2016, with 23 percent of attacks, but fell to five percent of attacks in 2017.

Stacy Mendoza, Digital Marketing Specialist

This Month at SIG - September 2018

This month, SIG shares the keynotes for #SIGFall18, interviews with leading industry experts and a special opportunity to win an Amazon gift card.

Don’t Miss the Big Event

The SIG Fall Global Executive Summit is just around the corner! We have an exciting lineup of keynotes, breakout sessions, a new Future of Sourcing Awards ceremony and lots of networking opportunities to make the connections that will pay future dividends.

The Global Executive Summit keynote speakers come from a wide range of industries to bring you well-rounded, insightful and unique perspectives on the issues and trends shaping the industry today. We are pleased to introduce our keynote speakers who will drive the conversations at #SIGFall18!

Fireside Chat with Coupa CEO Rob Bernshteyn and SIG CEO and President Dawn Tiura

In this session, SIG CEO and President Dawn Tiura will put Coupa CEO Rob Bernshteyn on the hot seat for a grilling on the state of the sourcing industry. Rob has extensive experience running cross-functional teams and scaling companies from the early start-up phase into successful public companies. Got spend management questions? Now’s the time to ask them. 

How Relevant Will Procurement Be in 2020?

Do you ever wonder what your job will be like in 2020? Turns out you’re not the only one. Get the inside scoop from a panel of procurement executives on how to stay relevant when new technologies emerge on the scene.

Panelists include:

Stacy Mendoza, Digital Marketing Specialist
