• Advertise
  • Contact Us
  • About Us
  • Supplier Directory
  • SCB YouTube
  • Login
  • Subscribe
  • Logout
  • My Profile

  • CORONAVIRUS
  • LOGISTICS
    • Air Cargo
    • All Logistics
    • Express/Small Shipments
    • Facility Location Planning
    • Freight Forwarding/Customs Brokerage
    • Global Gateways
    • Global Logistics
    • Last Mile Delivery
    • Logistics Outsourcing
    • LTL/Truckload Services
    • Ocean Transportation
    • Rail & Intermodal
    • Reverse Logistics
    • Service Parts Management
    • Transportation & Distribution
  • TECHNOLOGY
    • All Technology
    • Artificial Intelligence
    • Cloud & On-Demand Systems
    • Data Management (Big Data/IoT/Blockchain)
    • ERP & Enterprise Systems
    • Forecasting & Demand Planning
    • Global Trade Management
    • Inventory Planning/ Optimization
    • Product Lifecycle Management
    • Sales & Operations Planning
    • SC Finance & Revenue Management
    • SC Planning & Optimization
    • Sourcing/Procurement/SRM
    • Supply Chain Visibility
    • Transportation Management
  • GENERAL SCM
    • Business Strategy Alignment
    • Education & Professional Development
    • Global Supply Chain Management
    • Global Trade & Economics
    • HR & Labor Management
    • Quality & Metrics
    • Regulation & Compliance
    • SC Security & Risk Mgmt
    • Supply Chains in Crisis
    • Sustainability & Corporate Social Responsibility
  • WAREHOUSING
    • All Warehouse Services
    • Conveyors & Sortation
    • Lift Trucks & AGVs
    • Order Fulfillment
    • Packaging
    • RFID, Barcode, Mobility & Voice
    • Robotics
    • Warehouse Management Systems
  • INDUSTRIES
    • Aerospace & Defense
    • Apparel
    • Automotive
    • Chemicals & Energy
    • Consumer Packaged Goods
    • E-Commerce/Omni-Channel
    • Food & Beverage
    • Healthcare
    • High-Tech/Electronics
    • Industrial Manufacturing
    • Pharmaceutical/Biotech
    • Retail
  • REGIONS
    • Asia Pacific
    • Canada
    • China
    • Europe
    • Latin America
    • Middle East/Africa
    • North America
  • THINK TANK
  • WEBINARS
    • On-Demand Webinars
    • Upcoming Webinars
  • PODCASTS
  • VIDEOS
  • WHITEPAPERS
Home » Blogs » Think Tank » Five Ways Shippers Can Shore Up Cybersecurity

Think Tank
Think Tank RSS FeedRSS

Logistics / Global Logistics / Ocean Transportation / Supply Chain Security & Risk Mgmt

Five Ways Shippers Can Shore Up Cybersecurity

data
Network cables in a data center. Photo: Getty Images.
June 2, 2022
Mike Wilson, SCB Contributor

Supply chain problems today seem endless, from chip shortages to port congestion to ships running aground. In response, carriers and shippers are accelerating the pace of digital transformation and connecting every aspect of the supply chain. And that, in turn, is creating new security challenges that hackers are readily taking advantage of.

Supply chains are appealing to the cybercriminal community because of the opportunity for wide-scale fraud. Successful attacks are on the uptick, with well-known examples including the NotPetya ransomware attack on Maersk, which resulted in closing down ports and spending over $300m to restore its systems. In addition, this had a significant impact on Maersk's reputation. Suspected nation-state-backed hackers recently targeted the Port of Houston; however, the attack was thwarted before major disruption occurred.

With the spotlight on the supply chain ecosystem, bad actors are looking for ways to exploit the uncertainty. And as the shipping industry becomes more digitized and connected, organizations rely increasingly on technology for tracking and monitoring. This presents a vast footprint for cybercriminals to exploit. As a result, carriers and shippers need to urgently shore up their defenses before a breach occurs.

The concern with cyberattacks on the shipping industry is that the implications extend beyond digital systems to the physical world. The Maersk ransomware attack didn't just affect its systems; it resulted in ports being closed, impacting the entire supply chain ecosystem. The potential knock-on risks from a successful cyber attack are vast, from port equipment failures, resulting in safety concerns, to autonomous ships taken over by rogue actors. Organizations must take into account the potential for significant liability and safety issues that can occur from a breach.

Here are five steps that help prevent the likelihood of a successful cyberattack.

Conduct disaster-recovery planning spanning physical and digital systems. With the risk exposure from a cyber breach spanning the digital and physical worlds, disaster planning must account for this. Therefore, in addition to digital recovery initiatives, it's vital to plan how to handle the potential operational impact. Training must incorporate onshore and at-sea elements to prepare for every conceivable scenario, however unlikely it may seem.

Practice zero-trust at all times. As digitization expands, the security perimeter no longer exists. Therefore, the strategy of relying solely on a firewall needs to be retired. All systems across the ecosystem require authenticated access, which is a challenge for organizations that have been grappling with remote or hybrid workforces. A zero-trust mindset is vital when you swap out workers for ships, trains or trucks.

Realize that security is everybody’s problem. In addition to looking at their own security posture, organizations need to evaluate the security of the entire software supply chain. NIST's Cyber Supply Chain Risk Management (C-SCRM) provides a blueprint for how organizations can undertake a review of supplier’s software.

Double down on security fundamentals. Security basics such as endpoint detection to authentication are still critical. Often, fundamentals like passwords are the weak link that cybercriminals take advantage of. The Colonial Pipeline attack resulted from an ineffective password policy that failed to consider security best practices and NIST recommendations. Simple steps such as making multi-factor authentication mandatory and screening for compromised credentials must be adhered to. In addition, organizations need to prioritize software updates and security patches without delay. Otherwise they’re laying out the red carpet for bad actors to exploit.

Invest in ongoing employee training. As the cyber landscape continues to evolve and bad actors deploy increasingly more sophisticated approaches, employees must receive regular training. This ensures that they’re up to speed on the latest arsenal of tactics, so they don't accidentally help cybercriminals in their quest to gain access. The cost-benefit analysis of failing to invest in training makes this an easy decision.

As the shipping industry grapples with ongoing disruption and uncertainty, it can't ignore the growing risk from cyberattacks. With smart shipping on the rise, the potential for chaos to ensue from a successful breach continues to escalate. The entire supply chain ecosystem must shore up its defenses, or run the risk of letting cybercriminals sail in and take over.

Mike Wilson is founder and chief technology officer at Enzoic.

RELATED CONTENT

RELATED VIDEOS

Wake up to live
“Supply Chains in Crisis”
updates and the latest Supply Chain News!

Subscribe to our Daily Newsletter

Timely, incisive articles delivered directly to your inbox.

Popular Stories

  • coworkers collaborate

    Podcast | Linking Planning and Execution for Real-Time Decision-Making

    Sales & Operations Planning
  • FedEx

    FedEx Faces Big Changes as New Boss Confronts Higher Costs, Angry Contractors

    Last Mile Delivery
  • cyber crime

    The Cyber Blind Spot That Makes Every Supply Chain Vulnerable

    Regulation & Compliance
  • 0627_Guitars.png

    Sweetwater Responds to the ‘New Face of Agility’ in Supply Chain and Merchandising

    Inventory Planning/ Optimization
  • Port of Long Beach

    Supply Issues Account for Half of Surge in U.S. Inflation, Study Says

    Global Supply Chain Management

Digital Edition

Scb may 2022 sm

2022 Supply Chain ESG Guide

VIEW THE LATEST ISSUE

Case Studies

  • 3PL Doubles Productivity With Robots to Fulfill Medical Supply Orders

  • E-Commerce Company Cuts Order Fulfillment Time by 40%

  • Fashion Retailer Halves Fulfillment Time With Omichannel Automation

  • Distributor Scales Business by Integrating Warehouse Automaton Software

  • Fast-Growing Fashion Brand Scales E-Commerce Fulfillment With Whiplash

Visit Our Sponsors

Yang Ming Alithya Barcoding
Blue Yonder BNSF Logistics Generix
GEP GreyOrange Here
Honeywell Intelligrated IFM Inmar
Keelvar Kinaxis Korber
Liberty SBF Locus Robotics Logility
Lucas Systems Nvidia Old Dominion
ORTEC Parsyl QIMA
Redwood Logistics Saddle Creek Logistics Schneider Dedicated
Setlog Holding AG Ship4WD Shipwell
Tecsys TGW Systems Thomson Reuters
Tive Trailer Bridge Vecna Robotics
Verity
  • More From SCB
    • Featured Content
    • Video Library
    • Think Tank Blog
    • SupplyChainBrain Podcast
    • Whitepapers
    • On-Demand Webinars
    • Upcoming Webinars
  • Digital Offerings
    • Digital Issue
    • Subscribe
    • Manage Your Subscription
    • Newsletters
  • Resources
    • Events Calendar
    • SCB's Great Supply Chain Partners
    • Supplier Directory
    • Case Study Showcase
    • Supply Chain Innovation Awards
    • 100 Great Partners Form
  • SCB Corporate
    • Advertise on SCB.COM
    • About Us
    • Privacy Policy
    • Contact Us
    • Data Sharing Opt-Out

All content copyright ©2022 Keller International Publishing Corp All rights reserved. No reproduction, transmission or display is permitted without the written permissions of Keller International Publishing Corp

Design, CMS, Hosting & Web Development :: ePublishing