Share:

Supply Chain Now Guide: Protecting Supply Chains From Cyberattacks

In July, what is being called the “largest IT outage in history” grounded air cargo and travel and caused “substantial disruptions” to the networks of such supply chain giants as FedEx and UPS. While cybersecurity company CrowdStrike blamed the worldwide outage on a “software update” and not a cyberattack, the event illustrates the importance of taking measures to safeguard the supply chain systems we all rely on for the movement of goods and people.

Cybersecurity is Paramount in Digital Supply Chain

A Boston Consulting Group (BCG) report published in October 2023 said that “bad actors are using more sophisticated tools and techniques to exploit vulnerabilities in digital networks, and weak points can be difficult to detect. Companies with established cybersecurity capabilities are being compromised through less sophisticated third parties that are connected to their network.”

Today’s Supply Chain Remains Vulnerable to Cyberattacks

According to the Identity Theft Resource Center, the number of organizations targeted by supply chain cyberattacks skyrocketed by 2,600% between 2018 and 2023. Verizon’s 2024 Data Breach Investigations Report said there was a 68% year-over-year leap in the amount of “supply chain interconnection” involved in cyber breaches.

Among high-profile cyberattacks affecting the supply chain:

In December 2020, Forward Air Corp. was forced to take its systems offline to prevent the spread of a ransomware attack.

In September 2023, a ransomware attack caused outages for customers using technology provider Orbcomm’s fleet management services.

In early October 2023, LTL carrier Estes Express reported a cyberattack knocked out nearly all of its technology capabilities, including its phone service.

Why Is It So Difficult to Build Resilience to Supply Chain Cyberattacks?

The BCG report said supply chain stakeholders have been able to minimize their cyber risks, but it’s a complicated process that involves collaborative leadership, a transparent risk management program, and accurate reporting of material weaknesses.

Three Strategies for Improved Supply Chain Cybersecurity

“It’s clear that supply chain cyberattacks are among the most urgent cyber threats companies face in 2024,” SupplyChainBrain said. “To address them, it’s vital that companies focus on comprehensive cybersecurity across the supply chain, which means improving visibility and reporting, applying consistent standards for data security and management, and building a culture of cybersecurity awareness throughout the partner ecosystem.”

Be Proactive

It’s too late to address cybersecurity after an attack occurs.

“Many times, the hardest part is simply getting started,” the BCG report said. “However, having a program puts a company miles ahead of organizations that have none at all. Begin by taking stock of the supply chain and identifying quick-win opportunities – weak points that can be addressed swiftly and yet make the network more secure.”

The Cybersecurity & Infrastructure Agency advises companies to:

Train employees to spot potentially malicious emails.
Require strong passwords and multifactor authentication.
Update business software.

Choose Partners Wisely

“Accountability extends beyond the four walls of your company, so it’s crucial to partner with organizations that take cybersecurity seriously,” Supply Chain Brain said. “Companies can do this by making sure that their partners have effective awareness training programs in place, and that they rigorously track the performance of those programs with assessments such as simulated phishing. If vendors and other partners can’t meet these standards, companies should look elsewhere.”

Stay Informed

Companies need to publicly share the lessons learned from cyberattacks.

“Just as companies must have strict requirements for how data is shared, stored, and managed, it’s critical to make sure that third-party partners prioritize employee training and cybersecurity awareness,” Supply Chain Brain said. “An emphasis on awareness training will improve the cybersecurity posture of all links in the supply chain, and address the full range of potential cyberattacks.”

Supply Chain Now Is Your Source for Cybersecurity News

Supply Chain Now covers the latest developments in cybersecurity and analyzes what went wrong when supply chain operations are hit by cybercriminals.

From podcasts to livestreams, vlogs, virtual events, and articles, Supply Chain Now delivers everything you need to know about the latest global supply chain developments. We connect viewers, listeners, and readers directly to the supply chain leaders most frequently sourced for insights as we spotlight the people, technology, best practices, critical issues, and opportunities impacting the global supply chain.

Our library is packed with programming addressing a huge variety of supply chain topics. Among the available podcasts addressing cybersecurity are:

“Top 5 Cybersecurity Priorities for Manufacturing Leaders in 2023.”
“An Ounce of Cyber Risk Prevention Is Worth a Pound of Cure.”
“4-Step Guide to Thwarting Cyber Threats in Critical Infrastructure.”
“Unmasking Cyber Risks: Simplifying the Complexities for Business Owners.”
“Cybersecurity for the Modern Healthcare Network.”

Check out these and other Supply Chain Now podcasts. Listen now.

More Articles

supply chain

Articles

November 15, 2024

Big Ideas: What’s on the Horizon for Supply Chain 2025?

Change is certainly going to come, and a number of developments are expected to impact the supply chain in 2025. That includes the increased adoption of artificial intelligence (AI) and robotics, investment growth in renewable energy, and momentum gains for nearshoring. No matter what happens in 2025, Supply Chain Now will be there every day to serve as the voice of the industry and keep supply chain podcast listeners informed about the big ideas as well as the little changes that could make a big impact. Ongoing Disruptions Are Set to Impact Industry The question isn’t whether there will be supply chain disruptions in 2025. It’s a matter of when, where, and the cause of the disruption. The International Longshoremen’s Association could go on strike again in January if a contract agreement is not reached. The Houthi could stage more attacks on containerships in the Red Sea at any time. And weather-related disasters could range from deadly ice storms to floods to hurricanes anywhere in the country. “Looking ahead to 2025, we can predict some major shifts and challenges for supply chains. Right now, businesses around the world are facing increasing pressure to adapt to new technologies, environmental impacts, and…

resilience in supply chain

Articles

September 26, 2024

Supply Chain Now’s Guide to Resilience in the Supply Chain

The resiliency of the supply chain has been tested time and time again — strained by weather-related events like hurricanes, global crises such as COVID-19, disasters like the Francis Scott Key Bridge collapse, and security breaches from cyberattacks. Supply chain resilience will continue to be tested. In fact, a major supply chain crisis could be just days away as the International Longshoremen’s Association (ILA) could stage a strike at ports all along the East and Gulf coasts of the United States as soon as Oct. 1. Beyond the Buzz: What is Supply Chain Resilience? “Supply chain resilience refers to the ability of a supply chain to prepare for unexpected events, adapt to disruptions, and recover quickly to restore its normal service levels,” Inbound Logistics said. “It’s not merely about preventing disruptions but being able to turn challenges into opportunities for growth and improvement.” Supply Chain Dive said because of events like COVID-19, the Panama drought, and Houthi attacks in the Red Sea, supply chain disruptions have become “part of the public’s consciousness and everyday nomenclature.” “The risk in our global economy is that supply chain disruptions are guaranteed to continue, but no forecast exists to tell us when or how…

Cookie	Duration	Description
cookielawinfo-checkbox-analytics	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics".
cookielawinfo-checkbox-functional	11 months	The cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional".
cookielawinfo-checkbox-necessary	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary".
cookielawinfo-checkbox-others	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other.
cookielawinfo-checkbox-performance	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance".
viewed_cookie_policy	11 months	The cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data.