• Become a Supplier
    • Get to Know P&G
    • Understand Supply Chain
    • Send your Profile
  • Tools & Services
    • Setup and Update Profile
    • Receive Orders
    • Create Invoices
  • Supplier Citizenship
  • Guidelines
    • Global Sourcing Principles
    • Privacy
    • P&G Guidelines/Expectations for Suppliers
    • Report a concern
  • News
  • Support

Modal needs a title property!

English
Sorry, PGSupplier.com is only available in English right now. For the time being, we recommend that you use translation engines available on the internet.

中国内地 -大中华
抱歉,PGSupplier.com目前仅提供英语。目前,我们建议您使用Internet上可用的翻译引擎。

Français
Désolé, PGSupplier.com n'est actuellement disponible qu'en anglais. Pour le moment, nous vous recommandons d'utiliser les moteurs de traduction disponibles sur Internet.

Deutsch
Leider ist PGSupplier.com derzeit nur auf Englisch verfügbar. Derzeit empfehlen wir die Verwendung von Übersetzungsmaschinen, die im Internet verfügbar sind.

日本語
申し訳ありませんが、PGSupplier.comは現在英語でのみご利用いただけます。当面は、インターネットで入手できる翻訳エンジンを使用することをお勧めします。

Português
A tradução para o português estará disponível em Abril.

Русский
Извините, PGSupplier.com сейчас доступен только на английском языке. В настоящее время мы рекомендуем вам использовать системы перевода, доступные в Интернете.

Español
Traducción al español estará disponible en Abril.

  • Become a Supplier
    • Get to Know P&G
    • Understand Supply Chain
    • Send your Profile
  • Tools & Services
    • Setup and Update Profile
    • Receive Orders
    • Create Invoices
  • Supplier Citizenship
  • Guidelines
    • Global Sourcing Principles
    • Privacy
    • P&G Guidelines/Expectations for Suppliers
    • Report a concern
  • News
  • Support

CPO Perspective on Cybersecurity

Together we remain alert and diligent to improve our capabilities to protect all our supply chains

External Business Partners,

If your business and personal inboxes are anything like ours, you have seen an uptick in phishing attempts over the last few months as cyber-attackers ride the panic associated with COVID19 and economic uncertainty. Phishing is just one of the ways that P&G and our business partners are being targeted. Every company within our supply network is at risk, regardless of what product or service is supplied. We need you, our partners, to remain alert and diligent and continue to improve your capabilities to protect all our supply chains. To that end, we encourage you to explore and adopt best practices and certifications that support the needs of P&G and the other CPGs and industries with whom you work.

Even before the events of 2020, supply chain attacks were on the rise. Industry research from the end of 2019 estimated that approximately 50% of cyber-attacks are directly related to the supply chain, which was a 78% increase from 2018. According to one cyber intelligence provider, in 2018 as many as 66% of companies had experienced a cyber incident through their supply chain. For our non-technology third party business partners, island-hopping is a concern. Island-hopping is a term used to describe a malicious actor infiltrating a smaller EBP’s environment in order to pivot to a larger, but connected, environment. One report cited that as many as 11% of recent breaches were attributed to island-hopping.

For P&G’s technology-providing EBP’s, we are concerned about conventional supply chain attacks. Cloud hopping involves infiltrating a cloud hosting provider and using that access to move laterally across that hosting provider’s clients’ environments. Supply chain targeting can involve methodology like cloud hopping or targeting actual software and hardware providers and infiltrating new hardware/software acquisitions and updates. It should be noted that all of P&G’s EBP’s are also subject to this sort of supply chain attack, which could ultimately result in island hopping to P&G’s environment.

We were recently contacted by one of our large raw material suppliers because they received a suspicious fax from a P&G executive. Their swift action is exactly what we ask of each of you. Whenever there is an incident or suspected incident related to Privacy/InfoSec, please report the details to P&G via securityincident.im@pg.com directly. For additional information on privacy, please visit pgsupplier.com. Please contact your P&G Purchases Leader with any other concerns or questions you may have.

We thank you for your ongoing partnership. Together we can protect our supply network from external threats.

Kostas GeorgakopoulosAna Elena Marziano
Chief Info Security OfficeChief Purchasing Officer


Sep 01, 2020
  • Partners & Investors
    • Our Company
    • Investors
    • Partner With Us
  • Sitemap
  • Legal
    • Privacy
    • Terms & Conditions
    • AdChoices
  • Support
Rate Your ExperienceRate your experience
2021 Procter & Gamble. All Claims valid only in the USClick for Profile