• Advertise
  • Contact Us
  • About Us
  • Supplier Directory
  • SCB YouTube
  • Login
  • Subscribe
  • Logout
  • My Profile
  • LOGISTICS
    • Air Cargo
    • All Logistics
    • Express/Small Shipments
    • Facility Location Planning
    • Freight Forwarding/Customs Brokerage
    • Global Gateways
    • Global Logistics
    • Last Mile Delivery
    • Logistics Outsourcing
    • LTL/Truckload Services
    • Ocean Transportation
    • Rail & Intermodal
    • Reverse Logistics
    • Service Parts Management
    • Transportation & Distribution
  • TECHNOLOGY
    • All Technology
    • Artificial Intelligence
    • Cloud & On-Demand Systems
    • Data Management (Big Data/IoT/Blockchain)
    • ERP & Enterprise Systems
    • Forecasting & Demand Planning
    • Global Trade Management
    • Inventory Planning/ Optimization
    • Product Lifecycle Management
    • Sales & Operations Planning
    • SC Finance & Revenue Management
    • SC Planning & Optimization
    • Sourcing/Procurement/SRM
    • Supply Chain Visibility
    • Transportation Management
  • GENERAL SCM
    • Business Strategy Alignment
    • Education & Professional Development
    • Global Supply Chain Management
    • Global Trade & Economics
    • HR & Labor Management
    • Quality & Metrics
    • Regulation & Compliance
    • SC Security & Risk Mgmt
    • Supply Chains in Crisis
    • Sustainability & Corporate Social Responsibility
  • WAREHOUSING
    • All Warehouse Services
    • Conveyors & Sortation
    • Lift Trucks & AGVs
    • Order Fulfillment
    • Packaging
    • RFID, Barcode, Mobility & Voice
    • Robotics
    • Warehouse Management Systems
  • INDUSTRIES
    • Aerospace & Defense
    • Apparel
    • Automotive
    • Chemicals & Energy
    • Consumer Packaged Goods
    • E-Commerce/Omni-Channel
    • Food & Beverage
    • Healthcare
    • High-Tech/Electronics
    • Industrial Manufacturing
    • Pharmaceutical/Biotech
    • Retail
  • THINK TANK
  • WEBINARS
    • On-Demand Webinars
    • Upcoming Webinars
    • Webinar Library
  • PODCASTS
  • VIDEOS
  • WHITEPAPERS
Home » Blogs » Think Tank » Five Ways Shippers Can Shore Up Cybersecurity

Think Tank
Think Tank RSS FeedRSS

Five Ways Shippers Can Shore Up Cybersecurity

data
Network cables in a data center. Photo: Getty Images.
June 2, 2022
Mike Wilson, SCB Contributor

Supply chain problems today seem endless, from chip shortages to port congestion to ships running aground. In response, carriers and shippers are accelerating the pace of digital transformation and connecting every aspect of the supply chain. And that, in turn, is creating new security challenges that hackers are readily taking advantage of.

Supply chains are appealing to the cybercriminal community because of the opportunity for wide-scale fraud. Successful attacks are on the uptick, with well-known examples including the NotPetya ransomware attack on Maersk, which resulted in closing down ports and spending over $300m to restore its systems. In addition, this had a significant impact on Maersk's reputation. Suspected nation-state-backed hackers recently targeted the Port of Houston; however, the attack was thwarted before major disruption occurred.

With the spotlight on the supply chain ecosystem, bad actors are looking for ways to exploit the uncertainty. And as the shipping industry becomes more digitized and connected, organizations rely increasingly on technology for tracking and monitoring. This presents a vast footprint for cybercriminals to exploit. As a result, carriers and shippers need to urgently shore up their defenses before a breach occurs.

The concern with cyberattacks on the shipping industry is that the implications extend beyond digital systems to the physical world. The Maersk ransomware attack didn't just affect its systems; it resulted in ports being closed, impacting the entire supply chain ecosystem. The potential knock-on risks from a successful cyber attack are vast, from port equipment failures, resulting in safety concerns, to autonomous ships taken over by rogue actors. Organizations must take into account the potential for significant liability and safety issues that can occur from a breach.

Here are five steps that help prevent the likelihood of a successful cyberattack.

Conduct disaster-recovery planning spanning physical and digital systems. With the risk exposure from a cyber breach spanning the digital and physical worlds, disaster planning must account for this. Therefore, in addition to digital recovery initiatives, it's vital to plan how to handle the potential operational impact. Training must incorporate onshore and at-sea elements to prepare for every conceivable scenario, however unlikely it may seem.

Practice zero-trust at all times. As digitization expands, the security perimeter no longer exists. Therefore, the strategy of relying solely on a firewall needs to be retired. All systems across the ecosystem require authenticated access, which is a challenge for organizations that have been grappling with remote or hybrid workforces. A zero-trust mindset is vital when you swap out workers for ships, trains or trucks.

Realize that security is everybody’s problem. In addition to looking at their own security posture, organizations need to evaluate the security of the entire software supply chain. NIST's Cyber Supply Chain Risk Management (C-SCRM) provides a blueprint for how organizations can undertake a review of supplier’s software.

Double down on security fundamentals. Security basics such as endpoint detection to authentication are still critical. Often, fundamentals like passwords are the weak link that cybercriminals take advantage of. The Colonial Pipeline attack resulted from an ineffective password policy that failed to consider security best practices and NIST recommendations. Simple steps such as making multi-factor authentication mandatory and screening for compromised credentials must be adhered to. In addition, organizations need to prioritize software updates and security patches without delay. Otherwise they’re laying out the red carpet for bad actors to exploit.

Invest in ongoing employee training. As the cyber landscape continues to evolve and bad actors deploy increasingly more sophisticated approaches, employees must receive regular training. This ensures that they’re up to speed on the latest arsenal of tactics, so they don't accidentally help cybercriminals in their quest to gain access. The cost-benefit analysis of failing to invest in training makes this an easy decision.

As the shipping industry grapples with ongoing disruption and uncertainty, it can't ignore the growing risk from cyberattacks. With smart shipping on the rise, the potential for chaos to ensue from a successful breach continues to escalate. The entire supply chain ecosystem must shore up its defenses, or run the risk of letting cybercriminals sail in and take over.

Mike Wilson is founder and chief technology officer at Enzoic.

Logistics Global Logistics Ocean Transportation Supply Chain Security & Risk Mgmt

RELATED CONTENT

RELATED VIDEOS

Subscribe to our Daily Newsletter!

Timely, incisive articles delivered directly to your inbox.

Popular Stories

  • karen-jones.jpg

    Watch: Four Industry Disrupters Impacting Logistics

    Data Management (Big Data/IoT/Blockchain)
  • THE SPACE AROUND A COMPUTER KEYBOARD IS CLUSTERED WITH IMAGES GENERIC SHIPPING BOXES

    How Suppliers Can Overcome E-Commerce Supply Chain Challenges

    Data Management (Big Data/IoT/Blockchain)
  • A CSX TRAIN IS SEEN FROM THE FRONT

    CSX’s New CEO Has a Big Idea for Railroads: Carry More Freight

    Rail & Intermodal
  • A SEATED PERSON HOLDS A SMARTPHONE, SHOPPING

    Retail Consumer Data: The Key to Personalization, or Privacy Violation?

    Regulation & Compliance
  • TWO MEN IN SUITS ENGAGE IN CONVERSATION ACROSS A COFFEE TABLE HOLDING AN OPEN LAPTOPIN AN OFFICE

    For Shippers, Disruption Means Opportunity to Rethink Carrier Strategy

    LTL/Truckload Services

Digital Edition

Scb q1 2023 cover

2023 Supply Chain Management Resource Guide: Packing for a Difficult Year

VIEW THE LATEST ISSUE

Case Studies

  • New Revenue for Cloud-Based TMS that Embeds Orderful’s Modern EDI Platform

  • Convenience Store Client Maximizes Profit and Improves Customer Service

  • A Digitally Native Footwear Brand Finds Rapid Fulfillment

  • Expanding Apparel Brand Scales Seamlessly with E-Commerce Technology

  • How a Global LSP Scaled its Security Program and Won More Business

Visit Our Sponsors

Orderful Yang Ming Alithya
Barcoding Blue Yonder BNSF Logistics
CoEnterprise Data Capture Deposco
E2open GAINSystems Generix
Geodis GEP GreyOrange
Here Holman Logistics Honeywell Intelligrated
IFM Infor Inmar
Keelvar Kinaxis Korber
Lean Solutions Group 2H Liberty SBF Locus Robotics
Logility LogistiVIEW Lucas Systems
MCA Connect MPO Nvidia
Old Dominion OpenText ORTEC
Overhaul Parsyl PMMI
QIMA Redwood Logistics Ryder E-commerce by Whiplash
Saddle Creek Logistics Schneider Dedicated Setlog Holding AG
Ship4WD Shipwell Shyft
Sourcemap Tecsys TGW Systems
Thomson Reuters Tive Trailer Bridge
Vecna Robotics Verity
Verusen
  • More From SCB
    • Featured Content
    • Video Library
    • Think Tank Blog
    • SupplyChainBrain Podcast
    • Whitepapers
    • On-Demand Webinars
    • Upcoming Webinars
  • Digital Offerings
    • Digital Issue
    • Subscribe
    • Manage Your Subscription
    • Newsletters
  • Resources
    • Events Calendar
    • SCB's Great Supply Chain Partners
    • Supplier Directory
    • Case Study Showcase
    • Supply Chain Innovation Awards
    • 100 Great Partners Form
  • SCB Corporate
    • Advertise on SCB.COM
    • About Us
    • Privacy Policy
    • Contact Us
    • Data Sharing Opt-Out

All content copyright ©2023 Keller International Publishing Corp All rights reserved. No reproduction, transmission or display is permitted without the written permissions of Keller International Publishing Corp

Design, CMS, Hosting & Web Development :: ePublishing