Interview with an Expert
Claire Yang, Business Solutions Specialist for OEC Group’s Northeast region, discusses the security of our OEC Customer Portal and how we manage client data to ensure the safety and security of all of our clients’ most sensitive information.
What sets OEC Group’s Portal apart from what others are offering on the market?
What sets us apart is basically our approach to digital services. A lot of providers are focused on all-out automation, but we focus our tech solutions on the human element that OEC is known for. The goal isn’t to minimize or eliminate person to person interaction, but to support those relationships and to optimize our efforts as a team—not just our internal team, but the teams we’ve built with our customers.
Do the high-profile hacks of the last few years, including Maersk most recently as well as CMA CGM and Expeditors International closer to the start of the pandemic, point to an upward trend of cyberattacks?
I think it’s safe to say that our industry is being tested. Our supply chain sector has never had as many digital services and technological solutions as we do now, and bad actors are clearly trying to take advantage. That’s not necessarily a bad thing. These reports and these instances of data breaches let us know that this threat is certainly out there. The trend has forced our technical teams to consider cyberattacks in a very practical way and develop internal processes to prepare for them. On the other hand, increased cyberattacks can certainly be a critical issue if you’re not confident that your information is being stored safely and reliably.
What is one question you’d ask a provider regarding cyber security?
With issues as complex as cybersecurity, I find it best to be as straightforward as possible. Ask a question like, “Just how safe is my sensitive information?”. Providers who have prepared for cyberattacks and have SOPs in place will be able to give you an idea of their approach or provide internal documentation right away. Now, they likely will not give detailed information on their IT systems (for obvious security reasons), but if they can’t describe any security features or strategies, then that’s certainly a red flag.
What should a shipper be looking for in a provider’s cybersecurity information?
“Penetration testing” is one important piece of IT security preparation that should be featured in an answer to any big question about a provider’s digital safety. The frequency of these tests and also the depth or meticulousness of these tests would be an added bonus detail to ask about. The most prepared organizations will establish internal guidelines regarding this kind of testing and keep on their own testing schedule year in and year out. Another extremely important thing to look for, outside of the technical features, is a real person to speak with. The more automated and digitally reliant some of the tech services in our industry are, the harder it can be to get a hold of a real person that can answer your questions.
Can you give shippers one piece of advice moving forward in this market with a very real threat of cyberattacks?
Make sure you’re communicating with your provider. Effective communication is the best way to make sure your provider is prioritizing what you find important in your supply chain—including cybersecurity. We’re in a true shipper’s market right now, and cybersecurity is one outside variable that can completely prevent shippers from regaining any ground following two years of historically difficult market conditions. Neutralize that variable by choosing the right provider and voicing any concerns you may have.