Skip to main content

“Protecting our customers means protecting our suppliers”

Cybercrime is going to cost the global economy 5.2 trillion dollars between 2020 and 2025, and cybersecurity incidents are currently one of the main risks that companies face. The security of its customers is a priority for Thales, but so too is that of its suppliers. 

That is why the Group has decided to use its cybersecurity expertise to deploy a vast plan of action to protect its suppliers from cyberattacks.

© Thales
Roque Carmona

The aim, first of all, is to make our suppliers aware of the cybersecurity risks out there,” says Roque Carmona, SVP, Group Chief Procurement Officer. “And beyond that, we want to improve their maturity in this area, in order to strengthen the resilience of Thales’s supply chain and, by extension, that of the company itself.”

As Stéphane Lenco, VP, Group Chief Information Security Officer, explains: “Over the past few years we have seen a number of attacks that have targeted our supply chain. Some of these attacks can have a direct impact on our business, particularly if data that we share with our partners is leaked.”

These attacks can also directly affect our customers,” adds Sarah Korsia, Cybersecurity director at Thales Digital Factory, “for example, if a system that we integrate contains malware. They can also lead to production being halted on our customers’ – and indeed our own – sites.”

Securing our supply chain

The awareness programme that the Group has implemented is the result of work done by Procurement in partnership with a range of specialists: cybersecurity experts and the heads of information system security, to help suppliers detect and respond to attacks; legal experts, to determine new contractual requirements; and instructors, to support both procurement staff and suppliers.

We are asking our suppliers to assess their maturity in terms of cybersecurity, to take into account the new cybersecurity clauses in our contracts and, if necessary, to take the steps required to improve their cybersecurity resilience,” says Roque Carmona. “Only by ensuring the security of our supply chain can we strengthen the trust on which both our supplier and customer relationships are based.”