The Cybersecurity Implications Of Diversified Supply Chains

0

Written by Gwen Lee, Regional Director for ASEAN, Armis.

After three tumultuous years in which the world was rocked by successive COVID outbreaks, and the current escalation of geopolitical tensions that has significant impacted global trade, many businesses around the world are recognising the urgent need to diversify their supply chains.

As we have seen, the COVID-19 pandemic has affected every aspect of the supply chain, from the procurement of raw materials to the end consumer, exposing vulnerability and resiliency gaps for many businesses, while the ongoing conflict in Ukraine has seen global energy prices skyrocket.

As a founding member of the Association of Southeast Asian Nations (ASEAN) and the region’s leading financial centre, Singapore stands to gain from supply chain diversification. However, in the drive to secure a more diverse supply chain and lower the risk of disruption, many businesses overlook the importance of cyber security.

A recent report by Armis, the asset visibility and security company based in California, entitled the State of Cyberwarfare and Trends Report 2022-2023, has shown the impact of cybersecurity breaches on businesses in Singapore where 60% of businesses surveyed reported that their organization had been breached more than once, with a 36% increase in threat activity in the months between May and October 2022 compared to the six months prior.

Diversified supply chains are an area of potential weakness. Although essential for the supply chain to function, the sharing of information creates risk and exposes manufacturers to supply chain attacks, which can damage an organisation by targeting vulnerable elements.

What’s more, a diversified supply chain mean the involvement of more entities — often around the globe — thereby increasing the number of exposure points and escalating the likelihood of a cyber-attack.

Cyber-attacks can take different forms, from installing undetectable malware in electronics such as factory data networks, power systems, ATMs and computers to cause harm further down the supply chain network, to strikes on physical supply networks.

Organisations with poorly managed supply chain management systems are also vulnerable to cyber-attack, resulting in the loss of sensitive customer information and disruption in the manufacturing process, not to mention significant damage to a company’s reputation.

While modern technology is revolutionising the manufacturing industry, it is also expanding potential areas of attack. The network of interconnected devices and systems (aka the Industrial Internet of Things, or IIOT) is a prime target for cyber criminals.

Machine-to-machine communication, automation, analytics, the cloud and machine learning — all of which power new business models — potentially expose companies to cyber-attacks.

The report revealed that of Singapore residents — who are renowned for being tech-forward and innovative — 63% indicated that their organisation has stalled or stopped digital transformation projects in response to the threat, a significantly higher percentage than the global average of 55%.

More than 80% of Singaporean IT and security professionals think their organisation will invest more of their budgets in cybersecurity as a result of the rising threat.

Cyber-attacks disrupt operations and lead to costly downtime and the failure of critical services. In February 2022, a cyberattack on commercial satellite services in Ukraine caused electricity-generating wind farms to shut down across central Europe.

Attack vectors are increasingly sophisticated and insider threats and ransomware are on the rise, so it is critical that organisations focus their attention on cyber security when looking to diversify their supply chain.

It’s an age-old adage that prevention is better than cure and it remains just as true when it comes to the modern issue of cyber security.

While too often overlooked, information compromised in the supply chain can be just as damaging as information compromised within the organisation. It is a security issue that no one can afford to ignore.

In the context of a shifting threat landscape, businesses must go the extra mile to be fully prepared for the threat of cyberwarfare, which is halting technological advancements which stem from the implementation of digital transformation projects.

What’s needed is a proactive approach which includes developing a proper plan with complete asset visibility.

You can read the full report here.

Share.

Comments are closed.