A number of recent cyberattacks in the UK have pointed out how weaknesses in a company’s cybersecurity can lead to larger scale supply chain issues, cementing the importance of cybersecurity in all types of industries and businesses. So far since the onset of the pandemic, we’ve seen a positive correlation emerge, where companies with higher levels of cybersecurity have suffered less – in terms of operations and logistics, and subsequently performance and profit – than companies with sub-par levels.
Cyberattacks like the ones occurring in force over the past year can cripple a company’s IT and communications capabilities. The ensuing effects could result in a shortage of all kinds of food items, from energy drinks to packets of crisps. The larger issue at hand though, is that after falling prey to a cyberattack, many supplier find themselves unable to safely process transactions. Head of risk and resilience of cybersecurity firm Mimecast, Carl Wearn, recently spoke about the ‘real-life’ consequences of ransomware and that “they are becoming more common than ever before.” A number of retailers who have been affected by recent cyberattacks have needed to take stringent measures in their operations, such as limiting size orders, until they can resolve their security issues.
It is thought that ransomware attacks in Britain have doubled since 2020, costing the nation hundreds of millions of pounds. Intelligence agency GCHQ has recommended that British companies bolster their digital security precautions, particularly in the face of growing tensions with Russia and the Ukraine situation. The UK government is already enacting legislation to help businesses protect themselves against cyber-risk. Owing to the delicate nature of supply chains, businesses in this sphere should be looking at upping their security lest they find themselves victims of an attack and unable to fulfill orders on time or safely process transactions.
Why has cybersecurity become such a massive concern only recently? The pandemic is the short answer. At the onset of the pandemic, there was a huge flow of sensitive and secure data to ‘untrusted locations’ i.e. the home office. New remote workers became victims of ransomware and phishing almost instantaneously, creating significant security concerns for any company with a workforce that was suddenly working from home.
A supply chain attack specifically targets a third-party vendor whose operations are crucial to an operative supply chain. They can attack either software or hardware, though software is more of a concern nowadays. In 2021, Crowdstrike came out with a Global Security Attitude Survey which delivered some stark statistics:
- 84% believe that software supply chain attacks could become one of the biggest cyber threats to organizations.
- 54% of organisations affected by supply chain software cyberattacks said they were, at the time, without a response strategy.
What can you do in your business to ensure you are as well-protected as possible? There are a number of options, ranging from the structural level down to simply modifying staff behaviour. For example, running regular trainings and workshops on computer health and safety for your employees is a cost-effective, low-stakes way to ensure your company’s technology is being handled safely and securely. Periodically resetting passwords and securely backing up data should go without saying, but it’s always worth a reminder to do these things in fast-paced businesses where such tasks can often fall by the wayside.
On the larger scale, investing in systems to protect and screen your company’s cybercapabilities is not just recommended, but is essentially imperative to function safely as a business. Investing a third-party audit of your cybersecurity is a great first step, as it can identify problem areas and pinpoint the weaknesses in your cyberframework.
We’ve already seen the effects of disrupted supply chains as a result of COVID-19. A cyberattack can equally grind operations to a stop and result in similar scenes – empty shelves, long delivery times, and general uncertainty. Being proactive in protecting your supply chain is the best way to ensure your business remains profitable and reliable for you and your clients.