top of page
Search

Cyberpunk, cybersecurity, cybercrime, cyberitis

  • Writer: Procurement Says No
    Procurement Says No
  • Jan 19
  • 3 min read

“In 2025, the only thing spreading faster than AI hype is ransomware - and unfortunately, one of your suppliers might be patient zero.” So, ask them nicely to change their passwords. 


On of our recent newsletters was so dazzlingly insightful, we felt bad keeping it locked away in the subscriber vault. So here it is, recycled into blog form - because at PSN, we believe in sustainability, circular economies, and repurposing content like it’s a leftover PowerPoint slide. Cut ‘n’ paste is the new, er, cut ‘n’ paste. 


Cyberattacks: The New Black 


We’ve been doing some serious chin-stroking over the recent cyberattack at Jaguar Land Rover - the one with the sleek cars and presumably sleek firewalls. Turns out, their cyber defences were more cardboard than carbon fibre. And they’re not alone. Marks & Spencer and the Co-op have also been digitally mugged in broad daylight. 

Which begs the question: how are these titans of industry getting digitally duffed up by hackers? Don’t they have super-duper cyber software, policies, and a team of IT wizards chanting anti-viral incantations? 

Apparently not. 


The Supplier Side-Eye 👀 


This got us thinking about suppliers - those delightful third-party entities we audit once a year and then forget exist until something explodes. Can any procurement professional, hand on heart (or procurement dashboard), say their supplier list is squeaky clean from a cybersecurity perspective? 

Didn’t think so. 


AI, Cybersecurity, and Procurement’s Existential Crisis 


We asked AI for help. It blinked twice and said, “Cybersecurity isn’t always your top priority, but maybe it should be?” Which is AI-speak for “Put those unpaid invoices down and pay attention.” 

Procurement used to be about cost-cutting and risk management. Now it’s about making sure your suppliers aren’t secretly hosting ransomware parties in their server rooms. 

So, should we be focusing on AI? Or maybe - just maybe - we should be looking at cyber-defence before our supplier’s Sales Director’s cousin’s nephew’s laptop becomes the gateway to our ERP system. 


Why Cybersecurity Is the New Procurement Darling 💻💔 

  • Supply Chain Shenanigans: Hackers love a good third-party loophole. Attacks have quadrupled since 2020, which is great news if you're a cybercriminal, less so if you're trying to deliver frozen peas to Tesco. 

  • Financial Faceplants: One ransomware attack on a logistics provider in 2025 caused chaos for UK retailers. Sainsbury’s shelves were emptier than a procurement budget post-ERP upgrade. 

  • Regulatory Rage: GDPR is no longer just a scary acronym — it’s a legal bat ready to whack non-compliant vendors. Cyber hygiene is now a compliance must-have, like pants in public. 

  • Data Drama: Procurement holds the crown jewels — financials, bids, BOMs, marketing secrets. One breach and hackers could be running your sourcing strategy from a beach in Bali. 


Procurement’s 2025 Juggling Act 🤹 

According to our very own Cheetah Research Institute (fast, fierce, and occasionally fictional), here’s what procurement leaders are prioritising: 

  • Cost Reduction (68%): Because who doesn’t love a bargain, even during an economic apocalypse? 

  • Sustainability & ESG (55%): Saving the planet while sourcing widgets. Noble. 

  • Supplier Resilience (44%): Includes cybersecurity, which is like saying your umbrella includes a hole. 

  • Cybersecurity Readiness (24.7%): Oh dear. That’s less than the percentage of people who believe in Bigfoot. Time to raise the bar, folks.

     

From Reactive to Proactive: The Cybersecurity Glow-Up ✨ 

Procurement’s new mantra: don’t wait for the breach, prevent the breach. Here’s how:

  • Security First, Not Last: Evaluate vendors’ cyber posture before you sign anything. If their idea of security is a sticky note with a password, run. 

  • Contractual Clarity: Add CPLAs (Cyber Protection Level Agreements). Yes, it’s a mouthful, but it beats “We didn’t know they were using Windows XP.” 

  • Ongoing Vigilance: Audits aren’t just for tax season. Monitor suppliers like they’re your teenager’s TikTok account. 

  • Supplier Slimming: Fewer unknown vendors = fewer risks. Like out more about them – you might even like some of them. 

 

🎬 Curtain Call 

So, next time someone tells you cybersecurity is “IT’s problem,” kindly remind them that in today’s procurement world, every dodgy USB stick, every unpatched vendor server, and every forgotten third-party login is a potential front-page scandal waiting to happen. Because in 2025, procurement isn’t just about saving money - it’s about saving face. And if you’re not embedding cybersecurity into your sourcing strategy, you might as well be handing out your company’s secrets in a phishing-themed gift basket. 

In a world where your supplier’s password is still “Password123,” you’re not just managing spend - you’re managing suspense. 

 
 
 

Comments

bottom of page