Real Stories of Supply Chain Agility – Part Eight

Cybersecurity Methods During COVID-19

Every day, on calls with Cleo customers, I am learning first-hand how leading supply chain-driven businesses are adjusting to the COVID-19 pandemic. In this blog series I share insights about how companies in various industries are responding. Their agility is remarkable, and something we can all learn from. Hope this helps everyone think differently.

Blog #8 – Managing Customer Risk in the Face of COVID-19

During my daily conversations with CIOs and business leaders, there is one recurring topic that has continuously come up. The concern on everyone’s mind revolves around managing disaster recovery, information security, and business continuity amidst COVID-19, especially as most businesses transition to a “work from home” (WFH) environment.

In today’s new reality, proactively anticipating and planning ahead is paramount for continued business success. Throughout this series on real stories of supply chain agility, I have highlighted one specific company in each of the blogs. However, for today’s story, we’re going to do things a little differently.

Because this is a concern for companies across multiple industries, this blog is going to feature three different companies that aren’t simply surviving COVID-19. These companies are also helping their own customers effectively manage their risks, and that is what every type of business ought to be striving for today.

National Specialty Food Distributor

One of our customers, a multibillion-dollar specialty foods distributor, with over 5,000 employees and a large nation-wide distribution center network has managed to weather the COVID-19 impact. But how?

The company proactively implemented many cybersecurity-related changes last year, a decision that has enabled it to easily shift to a WFH environment while simultaneously maintaining all the same cyber protections that would be in place in the office. It also periodically conducts a comprehensive cybersecurity audit and implements recommended changes, an action which has better prepared it for this current pandemic. 

Its primary focus is to ensure that its retail customers have a highly resilient order-to-cash process where the integration points have a high degree of in-built fault-tolerance and disaster recovery. To achieve that end-goal, the company also focuses on developing resiliency in its procure-to-pay process across its global network of suppliers -- especially important as COVID-19 has shut down food manufacturers in several parts of the word including China and parts of Europe. It is impressive to see how this company’s proactive business continuity planning has enabled uninterrupted fulfillment of its specialty food supply chain.

Global Engineering Software Company

The second customer is a large engineering software company with solutions spanning industries such as manufacturing, architecture, construction, and many more. This company has also been exceptionally proactive by moving all of its applications to the cloud well in advance of COVID-19. Traditionally, the prevailing wisdom has been that while employees are on the company’s campus, everything they need to access is safe and that additional security measures, such as VPN access and multifactor authentication, are only needed when employees are working at a Starbucks or another remote location.

This company took additional steps to make its environment secure. For starters, it had the foresight to implement a “café style” type of security, meaning it has been able to smoothly transition its work force to a remote style within 18-24 hours after it mandated employees must work from home full time in the wake of COVID-19. The company also focused on enhancing its customers productivity by providing them with easy access to its software in the cloud and offering cloud storage as an additional assurance for them.

Enterprise Content Management Software Company

And third, our final customer is a leading provider of enterprise content management software. Immediately after COVID-19 hit, the company quickly realized that, in addition to its internal business continuity planning it also needed to focus on helping customers manage their risk. The company provided a compelling value proposition by shifting its customers’ risk in terms of disaster recovery and security by leveraging its SaaS offering.

By investing in additional modules, tools, and services to “lift and shift” its customers’ on-premise solutions and workload to the cloud, the company is not only providing superior flexibility to its customers, but also dramatically reduced its customers’ risk profile in their respective businesses.

Key Learnings

Despite these three companies being in different industries and developing varying methods of strategy to better secure their environments, there are some recurring themes and learnings we can take away.

1. Being proactive in business continuity planning is important

2. If not proactive, then leverage COVID-19 as the wake-up call to immediately pay attention

3. Refresh business continuity plans on a regular basis because COVID-19 and transitioning to a WFH environment has given bad actors additional opportunities to attack by exploiting the vulnerabilities

4. Avoid the temptation to accelerate digital transformation efforts by doing “patch work.”  Instead, try to focus on the various workflows comprising your end-to-end business processes, like order to cash or procure to pay.

5. Help your customers every way you can to be successful. This is the time to build long-term loyalty


As more of the global workforce continues to work from home and remote working becomes for many the new normal, what do we foresee in the future? We anticipate a hybrid work environment with some workers in the office and others continuing to work from home, along with the risk of future outbreaks requiring additional shelter-in-place orders. We recommend the following:

1. Immediately shift your “mission critical” on-premise applications to the cloud

2. Pay attention to application level fault tolerance and not just focus on moving the infrastructure to the cloud. In other words, migrating to a SaaS offering is far more valuable than simply moving existing applications “as-is” to a third-party cloud provider

3. Ensure “key person” dependencies are addressed by hiring additional back up resources or bring on a reliable managed services provider with proven expertise on a long-term contract

4. Prioritize by focusing on the 20% of core processes such as order to cash and procure to pay that generate 80% of the revenue

As always, please reach out to me here on LinkedIn with any questions or comments that you might have. And refer to Cleo’s COVID-19 FAQ guide for more suggestions to help you navigate these difficult times.

about cleo
About Cleo
Cleo helps organizations quickly onboard and automate every API and EDI integration directly into any back-office application and gain complete end-to-end visibility for every B2B transaction.
Learn More
Instantly access demo videos
Discover how Cleo is helping thousands of organizations take control over their B2B supply chain integrations.
View Demo
We hope you enjoyed reading this blog post.
If you’re ready to learn what Cleo can do for you, just reach out!
Contact Us Today