3 Ways to Mitigate Cyber Risk in Your Supply Chain
In March 2019, when U.S. Coast Guard Deputy Commandant for Operations Daniel Abel spoke at a panel for The Brookings Institution, he cited reports from shippers and ships: “I’ve had a cyber breach and I’m inbounding to your port.” Cyber risks to supply chains in shipping, transportation, and logistics have only intensified since then.
“Cyber is a great enabler, but it’s also a great vulnerability,” he said.
A perfect storm
From origin to destination, information and goods can be transferred across a complex network of stakeholders. The growing interconnectedness across Internet of Things (IoT) devices and operational technology (OT) systems amplifies the risk of any single threat having a profound impact on business operations. As logistics information becomes digitalized, processes move online, and operations involve numerous companies using different technological systems, it’s a perfect storm for cybercriminals.
As these innovations evolve, companies can take broader steps to manage and mitigate risk. Here are three ways that organizations can mitigate supply chain attacks.
1. Gain visibility and control
As adversaries seek new ways to infiltrate logistics supply chains, companies must consider more than just the security of their internal operations. They also must look at the threats posed by external parties with virtual access to information systems and data.
What data is available? Who has access to it? How will it be used? Security starts with visibility, trust, and transparency.
Build relationships across the logistics supply chain to track risk factors such as ownership, manufacturing locations, supplier relationships, and vulnerabilities
Employ continuous monitoring, supported by deep multidimensional analytics
Extend vetting processes to subcontractors
Make expectations for security controls and periodic auditing part of vendor contracts
2. Monitor the threat landscape
To determine how adversaries might disrupt your logistics operations, consider their motivations. Advanced Threat Hunting is one tool that can help. This methodology combs through metadata to identify malicious events across an organization’s entire infrastructure. Combined with insights from Threat Intelligence, Threat Hunting can proactively thwart breaches that might otherwise happen under the radar.
Advanced Threat Hunting, coupled with visibility into internal systems through endpoint tools, network sensor and centralized log aggregation via SOAR platforms, can help you uncover evidence that’s already happening, gain deep cross-enterprise visibility, and identify gaps in your organization’s threat detection capabilities. With consolidated monitoring, organizations can gain visibility into threats faster and increase their odds of uncovering complex attack chains before they do serious damage.
3. Be prepared with response and remediation
Even with this pre-work in evaluation and monitoring, it’s important not to become overly confident – relentless preparation is key. When (and not if) an incident does happen, it’s best to be practiced, poised, and ready to swiftly and effectively respond to minimize damage throughout the supply chain.
A well-synced response effort starts with a coordinated approach to supply chain management and incident response:
Have a plan for alerts and responses—practice and train relevant employees on that plan
Understand the response plans third parties and suppliers have in place. Don’t assume they will handle everything for you.
Integrate third parties into your organization’s response plan. Learn what they’ll alert you about, when they’ll alert you, and how it will be communicated.
Preparing for the worst gives your organization valuable insights, including insight into what happens during an incident and how parties can work together even more effectively to mitigate the damage faster and better.
The bottom line
A breach does more than compromise sensitive information, shut down operations, and disrupt delivery schedules. The consequences, which range from deteriorated customer trust to decreases in ROI, can last for years. By increasing visibility and building trust across your logistics supply chain—and having a response and remediation plan—you can mitigate the risks, and consequences, of a cyberattack.