• Advertise
  • Contact Us
  • About Us
  • Supplier Directory
  • SCB YouTube
  • Login
  • Subscribe
  • Logout
  • My Profile
  • LOGISTICS
    • Air Cargo
    • All Logistics
    • Express/Small Shipments
    • Facility Location Planning
    • Freight Forwarding/Customs Brokerage
    • Global Gateways
    • Global Logistics
    • Last Mile Delivery
    • Logistics Outsourcing
    • LTL/Truckload Services
    • Ocean Transportation
    • Rail & Intermodal
    • Reverse Logistics
    • Service Parts Management
    • Transportation & Distribution
  • TECHNOLOGY
    • All Technology
    • Artificial Intelligence
    • Cloud & On-Demand Systems
    • Data Management (Big Data/IoT/Blockchain)
    • ERP & Enterprise Systems
    • Forecasting & Demand Planning
    • Global Trade Management
    • Inventory Planning/ Optimization
    • Product Lifecycle Management
    • Sales & Operations Planning
    • SC Finance & Revenue Management
    • SC Planning & Optimization
    • Sourcing/Procurement/SRM
    • Supply Chain Visibility
    • Transportation Management
  • GENERAL SCM
    • Business Strategy Alignment
    • Education & Professional Development
    • Global Supply Chain Management
    • Global Trade & Economics
    • HR & Labor Management
    • Quality & Metrics
    • Regulation & Compliance
    • SC Security & Risk Mgmt
    • Supply Chains in Crisis
    • Sustainability & Corporate Social Responsibility
  • WAREHOUSING
    • All Warehouse Services
    • Conveyors & Sortation
    • Lift Trucks & AGVs
    • Order Fulfillment
    • Packaging
    • RFID, Barcode, Mobility & Voice
    • Robotics
    • Warehouse Management Systems
  • INDUSTRIES
    • Aerospace & Defense
    • Apparel
    • Automotive
    • Chemicals & Energy
    • Consumer Packaged Goods
    • E-Commerce/Omni-Channel
    • Food & Beverage
    • Healthcare
    • High-Tech/Electronics
    • Industrial Manufacturing
    • Pharmaceutical/Biotech
    • Retail
  • THINK TANK
  • WEBINARS
    • On-Demand Webinars
    • Upcoming Webinars
    • Webinar Library
  • PODCASTS
  • VIDEOS
  • WHITEPAPERS
Home » Blogs » Think Tank » The Rise of 'Zero Trust' Supply Chains — and How to Put Security First

Think Tank
Think Tank RSS FeedRSS

The Rise of 'Zero Trust' Supply Chains — and How to Put Security First

data
Network cables in a data center. Photo: Getty Images.
April 21, 2022
Gil Vega, SCB Contributor

Last year was a smash hit for hackers, as millions fell victim to cyberattacks and ransomware — including 48 million individuals in manufacturing and utilities alone. Enterprise supply chains were particularly vulnerable, with over 95% of firms facing attacks in 2021.

Cyberattacks often result in lost or compromised data, and companies are at risk of being targeted at any time. According to the Veeam Data Protection Trends Report 2022, nearly 90% of enterprises today are at risk of losing precious data, with 76% reporting at least one ransomware event within the past 12 months, and over 90% unable to recover some of their lost data.

What does this mean for supply chains? Essentially, when supply chains are attacked, all corporate functions are threatened, including transportation, vendor management, sourcing, supply chain continuity and quality, and many other functions that require a coordinated effort to be resolved. The ongoing barrage of cyberattacks across industries has left organizations facing trickle-down effects that will have an impact for years to come.

For instance, a payroll and staffing company spent over a month cleaning up following an attack, subsequently delaying employee payroll. And just last December, a Colorado energy company lost 25 years’ worth of data after an attack took down 90% of its internal systems.

Lacking proper data backup and the demonstrated ability to restore it, these companies not only lost invaluable data and time, but also potentially the trust of employees, consumers, shareholders, and board members. If businesses want to protect their people, they must start by protecting their data. So what can they do to get ahead of cyberattacks and ensure that their data, employees and customers aren’t impacted long term?

Zero Trust

According to IBM, the average cost of a data breach surpasses $4.2 million. In today’s dynamic cyberthreat landscape, it is unrealistic to continue ignoring prevention in favor of the cure. With the growing popularity or zero trust architectures, it’s time that companies start adapting their legacy systems to match the threats they face.

Take preventive measures to defend your attack surfaces. Implement security requirements in every contract and agreement you sign, including signaling potential vulnerabilities and predetermining responses to breaches. Supply chain vendors should be pre-assessed for their security measures to confirm that they’re are up to standard. Vendors should work with your security team virtually and on site to address any security gaps, and software and hardware should require authentication for access to a limited few.

Adopt systems to identify, track, and trace all components of your organization’s supply chain seamlessly. According to Blue Voyant, four in five firms have suffered a cybersecurity breach caused by a third-party vendor. By investing in the right technologies and automating manufacturing and testing sites, you can eliminate the possibility of human error. A company’s security hygiene doesn’t stop at its devices or vendors; zero trust can ensure that all steps of a supply chain, from manufacturing to implementing, are secure from incidental or intentional harm.

A Security-First Philosophy 

A security-first approach that encompasses the culture and mindset of the company is the best way to successfully cover a supply-side attack surface. Once you embed a cautious and security-oriented focus in your employees, and provide the appropriate tools and training, security can be streamlined to fit into every department. This secures all open touchpoints that can access your company’s supply chains, and ensures a secure supply chain in the long run.

Introduce regular security training, awareness, and supply chain development programs to your employees, so that everyone fosters a healthy security hygiene. Host tabletop exercises and simulate phishing attacks so that your employees can demonstrate their capacity to respond in such cases. Use monitoring tools to identify your supply chain and security employees’ strengths and weaknesses, and help them to overcome these weaknesses. In the meantime, adjust your security accordingly to cover all attack surfaces. If these align with your third-party vendors’ approaches, all the better, as your perspective and approach to security will be mutual.

There will always be threats that change, adapt and penetrate layers of security. If the culture and philosophy of a company instills a sense of skepticism and deep knowledge of security in employees, these threats can be promptly spotted and resolved, thereby protecting the entire company.

No one is 100% immune to danger or disaster — even Sparta had its bad days. Your enterprise should adopt a defense strategy to protect customers and projects if things go wrong. Unfortunately, not enough people are taking action to protect their supply chains when they do.

Cloud service providers (CSPs) can expand the focus to include data backup and recovery. They should introduce automated backup tools and measures that keep customers on track when the inevitable befalls them. A business has a responsibility to its clients and their data to ensuring system recovery against disaster. Implement disaster recovery planning across your departments, and ensure these are regularly updated to anticipate all eventualities and cover all attack surfaces. While cost-intensive, the return on investment will be evident when disaster strikes.

Every business needs a plan that stands up to the rigors that system outages and data loss can bring. Investing in protection will ensure data availability. In an increasingly competitive cloud market, this is no longer a tentative option, but a crucial next step — the last line of defense for business continuity.

There’s no guarantee that a company can completely protect its supply chain from being compromised. Such threats make it a necessity to practice good security hygiene, embrace a security-first mindset, assume you’re operating in a state of perpetual compromise, and implement a data recovery plan. Without these defense measures securing an organization from top to bottom, you can expect a lot more than “trickle-down” consequences and a few million victims.

Gil Vega is chief information security officer at Veeam.

Supply Chain Visibility Supply Chain Security & Risk Mgmt

RELATED CONTENT

RELATED VIDEOS

Subscribe to our Daily Newsletter!

Timely, incisive articles delivered directly to your inbox.

Popular Stories

  • DOCUMENTS BEARING THE INSIGNIA OF US CUSTOMS AND BORDER PROTECTION LIE ON A TABLE

    New CBP Regs Call for Greater Diligence by Brokers in Reporting Security Breaches

    Freight Forwarding/Customs Brokerage
  • A WORKER IN A WAREHOUSE, SUPERIMPOSED WITH GRAPHICS SHOWING SUPPLY NETWORK

    Enabling Intelligent Visibility With Supply Chain Analytics

    Data Management (Big Data/IoT/Blockchain)
  • GSCMS-Promo.png

    Watch: Introducing the Global Supply Chain Marketing Summit

    Education & Professional Development
  • A HAND TURNS A LARGE, LIGHTED DIAL WITH THE WORD RISK ON IT iStock-NicoElNino-1364371014.jpg

    Measuring KPIs and KRIs for Comprehensive Supplier Performance Management

    Technology
  • DEEPLY CRACKED EARTH UNDER A BLUE CLOUDY SKY

    Why Maritime Supply Chains Must Adapt to Sustainability Regulations

    Ocean Transportation

Digital Edition

Scb nov 2022 sm

2022 Supply Chain Innovator of the Year

VIEW THE LATEST ISSUE

Case Studies

  • New Revenue for Cloud-Based TMS that Embeds Orderful’s Modern EDI Platform

  • Convenience Store Client Maximizes Profit and Improves Customer Service

  • A Digitally Native Footwear Brand Finds Rapid Fulfillment

  • Expanding Apparel Brand Scales Seamlessly with E-Commerce Technology

  • How a Global LSP Scaled its Security Program and Won More Business

Visit Our Sponsors

Orderful Yang Ming Alithya
Barcoding Blue Yonder BNSF Logistics
CoEnterprise Data Capture Deposco
E2open GAINSystems Generix
Geodis GEP GreyOrange
Here Honeywell Intelligrated IFM
Infor Inmar Keelvar
Kinaxis Korber Lean Solutions Group 2H
Liberty SBF Locus Robotics Logility
LogistiVIEW Lucas Systems MCA Connect
MPO Nvidia Old Dominion
OpenText ORTEC Overhaul
Parsyl PMMI QIMA
Redwood Logistics Ryder E-commerce by Whiplash Saddle Creek Logistics
Schneider Dedicated Setlog Holding AG Ship4WD
Shipwell Tecsys TGW Systems
Thomson Reuters Tive Trailer Bridge
Vecna Robotics Verity
Verusen
  • More From SCB
    • Featured Content
    • Video Library
    • Think Tank Blog
    • SupplyChainBrain Podcast
    • Whitepapers
    • On-Demand Webinars
    • Upcoming Webinars
  • Digital Offerings
    • Digital Issue
    • Subscribe
    • Manage Your Subscription
    • Newsletters
  • Resources
    • Events Calendar
    • SCB's Great Supply Chain Partners
    • Supplier Directory
    • Case Study Showcase
    • Supply Chain Innovation Awards
    • 100 Great Partners Form
  • SCB Corporate
    • Advertise on SCB.COM
    • About Us
    • Privacy Policy
    • Contact Us
    • Data Sharing Opt-Out

All content copyright ©2023 Keller International Publishing Corp All rights reserved. No reproduction, transmission or display is permitted without the written permissions of Keller International Publishing Corp

Design, CMS, Hosting & Web Development :: ePublishing