Security Magazine logo
search
cart
facebook twitter linkedin youtube
  • Sign In
  • Create Account
  • Sign Out
  • My Account
Security Magazine logo
  • NEWS
    • Security Newswire
    • Technologies & Solutions
  • MANAGEMENT
    • Leadership Management
    • Enterprise Services
    • Security Education & Training
    • Logical Security
    • Security & Business Resilience
    • Profiles in Excellence
  • PHYSICAL
    • Access Management
    • Fire & Life Safety
    • Identity Management
    • Physical Security
    • Video Surveillance
    • Case Studies (Physical)
  • CYBER
    • Cybersecurity News
    • More
  • BLOG
  • COLUMNS
    • Cyber Tactics
    • Leadership & Management
    • Security Talk
    • Career Intelligence
    • Leader to Leader
    • Cybersecurity Education & Training
  • EXCLUSIVES
    • Annual Guarding Report
    • Most Influential People in Security
    • The Security Benchmark Report
    • The Security Leadership Issue
    • Top Guard and Security Officer Companies
    • Top Cybersecurity Leaders
    • Women in Security
  • SECTORS
    • Arenas / Stadiums / Leagues / Entertainment
    • Banking/Finance/Insurance
    • Construction, Real Estate, Property Management
    • Education: K-12
    • Education: University
    • Government: Federal, State and Local
    • Hospitality & Casinos
    • Hospitals & Medical Centers
    • Infrastructure:Electric,Gas & Water
    • Ports: Sea, Land, & Air
    • Retail/Restaurants/Convenience
    • Transportation/Logistics/Supply Chain/Distribution/ Warehousing
  • EVENTS
    • Industry Events
    • Webinars
    • Solutions by Sector
    • Security 500 Conference
  • MEDIA
    • Videos
      • Cybersecurity & Geopolitical Discussion
      • Ask Me Anything (AMA) Series
    • Podcasts
    • Polls
    • Photo Galleries
  • MORE
    • Call for Entries
    • Classifieds & Job Listings
    • Continuing Education
    • Newsletter
    • Sponsor Insights
    • Store
    • White Papers
  • EMAG
    • eMagazine
    • This Month's Content
    • Advertise
  • SIGN UP!
CybersecurityManagementSecurity NewswireSecurity Enterprise ServicesSecurity Leadership and ManagementLogical SecuritySecurity & Business ResilienceSecurity Education & TrainingCybersecurity News

Supply chain cybersecurity trends: What professionals should be aware of and how to prepare for 2022

By Mark Jones
supply-chain-freepik
October 14, 2021

Thoughtful investment in cybersecurity measures goes beyond technology. Not only are digital tools and updated software important, but IT professionals are also essential in building resilient infrastructure. Industries across the board that utilize cyberspace to any degree are at risk for cyberattacks, so understanding how to use technology and human expertise to both proactively prepare for and reactively combat against threats is key. 


The first step is to remember that no two industries function just alike or face the same challenges. With cybersecurity, in particular, some are more stable and prepared, while others are still grasping what to look for and how to handle it. For example, the supply chain industry is slowly advancing its security capabilities and solutions as individuals and organizations are working on updating systems that have been in place for years. Throughout the past two years, supply chain professionals have experienced the national and international disruptions that can occur as a result of cyberattacks, with some threats completely halting certain sectors. This cybersecurity threat may not have always felt close to home with the supply chain industry, but as cybercriminals get smarter, they learn which targets may be more vulnerable. In turn, vulnerability results in profitability for the attacker, which unfortunately could result in more similar attacks.


With experience, both good and bad, comes knowledge. One lesson learned in recent years is how interdependent each section of the global supply chain is on another. If one facility, port, software or database is interrupted due to an attack, countless companies and consumers can be impacted, resulting in great financial loss and compromised data. In fact, more than 30 billion records were exposed in data breaches just last year. In an effort to avoid such attacks, individuals and organizations should keep in mind a handful of key steps to becoming more resilient and secure, and senior leadership needs to ensure that they and their team members feel confident in the systems and security they have in place. 

 

Understand the Most Common Threats

Top cybersecurity threats to remain cognizant of include but are not limited to malware, phishing and human error. A malware attack, or a virus attack, occurs when malicious software executes unauthorized action with the intent to cause damage to a computer, server or other similar systems. Phishing refers to the act of sending fraudulent communications that appear to come from a known and trustworthy source. With human error, individuals can make simple mistakes by mishandling data, leading to sharing sensitive information with the wrong recipient. On average, about 2,200 cyberattacks occur on a daily basis, so proactive planning is essential in limiting room for threats to come to fruition no matter the source. Although other threats exist, these types of attacks are some of the most common and can make a severe impact on a company’s operations.

 

Determine Risk Factors and Adaptive Strategies

Risk can appear differently depending on which industry or type of organization is in question. Within the supply chain, organizations often have a long list of partners that they coordinate with, from sourcing to production to delivery. Unfortunately, the more partners or third-party vendors are involved, the more room there is for a threat to come to fruition. All parties involved must be on high alert for attacks that come their way, which could affect more than one individual or organization.


Take retail-giant Target, for example. In 2014, a third-party vendor was the victim of a cyberattack operation, which resulted in a security breach with Target’s infrastructure. With financial loss estimated at $162 million, this incident is one of the most costly attacks in recent years. However, the risk is not simply limited to exposure through partners and vendors. If an organization does not take the proper steps to improve security, from investing in training to technology, it tends to be less flexible when threats are discovered. 

 

Take Control with Enhanced Technology

In conjunction with determining risk factors that apply to a certain organization or industry, it’s important to consider steps that can be implemented on a regular basis to check in on vulnerabilities. Over time, those insecurities may change, so performing an audit of current practices and tools allows for enhanced adaptability moving forward. One way to do so is by completing quarterly or annual pen tests, short for penetration tests, which are created to evaluate the IT infrastructure to identify weaknesses that could open the door for a cyberattack.

 

Invest in Cybersecurity Training 

Building awareness around top cybersecurity threats and how to spot them allows for team members across each level of an organization to be able to spot attacks before they happen. In addition to providing employees with an understanding of which threats they need to look out for and how they may appear, training should also include a guide on best practices for the particular job or field an employee is in. Supply chain best practices may not fully encompass the threats that another industry could experience, so due diligence is imperative as an organization works to train employees at each level.


From an executive standpoint, individuals within an organization look to leadership to do just that: lead. Guidance and transparency are imperative for executives and senior-level team members to provide to their employees. Sharing knowledge through thoughtful training is not only a starting point but also a practice to incorporate regularly. From an employee’s perspective, transparency is important to feel like they have a grasp on what is happening within their own organization, which is helpful in understanding the potential threats, current risk or reactive measures tied to cyberattacks that may occur. It is no longer about if, so when an attack does occur, take note of what steps could have been taken to avoid the incident and learn from those mistakes. Whether a vulnerability in a security system, an attack on your supply chain, or an employee’s misstep is the cause, an organization can bounce back from even the most costly attack by executing a thoughtful recovery and implementing the right proactive steps for the future.


As individuals and organizations across the country recognize National Cybersecurity Awareness Month, it’s important to take the time to explore ways to improve from a day-to-day perspective to a year-over-year outlook. Some practices are relevant for years, while others need to be updated on a regular basis. Ensuring that both people and technology are top of mind at all times will pay off in the long run. Cybersecurity threats are not going anywhere anytime soon, but a proper mix of proactive measures and reactive solutions will generate success and sustainability.

KEYWORDS: cyber security data breach information security risk management

Share This Story

Looking for a reprint of this article?
From high-res PDFs to custom plaques, order your copy today!

Mark Jones is Chief Information Security Officer of the Transportation Insight Holding Company.

Recommended Content

JOIN TODAY
To unlock your recommendations.

Already have an account? Sign In

  • Security's Top Cybersecurity Leaders 2024

    Security's Top Cybersecurity Leaders 2024

    Security magazine's Top Cybersecurity Leaders 2024 award...
    Security Leadership and Management
    By: Security Staff
  • cyber brain

    The intersection of cybersecurity and artificial intelligence

    Artificial intelligence (AI) is a valuable cybersecurity...
    Columns
    By: Pam Nigro
  • artificial intelligence AI graphic

    Assessing the pros and cons of AI for cybersecurity

    Artificial intelligence (AI) has significant implications...
    Cybersecurity
    By: Charles Denyer
Subscribe For Free!
  • Security eNewsletter & Other eNews Alerts
  • eMagazine Subscriptions
  • Manage My Preferences
  • Online Registration
  • Mobile App
  • Subscription Customer Service

More Videos

Sponsored Content

Sponsored Content is a special paid section where industry companies provide high quality, objective, non-commercial content around topics of interest to the Security audience. All Sponsored Content is supplied by the advertising company and any opinions expressed in this article are those of the author and not necessarily reflect the views of Security or its parent company, BNP Media. Interested in participating in our Sponsored Content section? Contact your local rep!

close
  • Crisis Response Team
    Sponsored byEverbridge

    Automate or Fall Behind – Crisis Response at the Speed of Risk

  • Perimeter security
    Sponsored byAMAROK

    Why Property Security is the New Competitive Advantage

  • Duty of Care
    Sponsored byAMAROK

    Integrating Technology and Physical Security to Advance Duty of Care

Popular Stories

Pills spilled

More than 20,000 sensitive medical records exposed

Laptop in darkness

Verizon 2025 Data Breach Investigations Report shows rise in cyberattacks

Coding on screen

Research reveals mass scanning and exploitation campaigns

White post office truck

Department of Labor Sues USPS Over Texas Whistleblower Termination

Computer with binary code hovering nearby

Cyberattacks Targeting US Increased by 136%

2025 Security Benchmark banner

Events

May 22, 2025

Proactive Crisis Communication

Crisis doesn't wait for the right time - it strikes when least expected. Is your team prepared to communicate clearly and effectively when it matters most?

September 29, 2025

Global Security Exchange (GSX)

 

View All Submit An Event

Products

Security Culture: A How-to Guide for Improving Security Culture and Dealing with People Risk in Your Organisation

Security Culture: A How-to Guide for Improving Security Culture and Dealing with People Risk in Your Organisation

See More Products

Related Articles

  • coronavirus

    What Security Companies Should be Aware of When Navigating a Pandemic

    See More
  • mobile device cyber security

    Mobile security in 2022: What to expect & how to prepare

    See More
  • cyber security network graphic

    4 cybersecurity threats that organizations should prepare for in 2022

    See More
×

Sign-up to receive top management & result-driven techniques in the industry.

Join over 20,000+ industry leaders who receive our premium content.

SIGN UP TODAY!
  • RESOURCES
    • Advertise
    • Contact Us
    • Store
    • Want More
  • SIGN UP TODAY
    • Create Account
    • eMagazine
    • eNewsletter
    • Customer Service
    • Manage Preferences
  • SERVICES
    • Marketing Services
    • Reprints
    • Market Research
    • List Rental
    • Survey/Respondent Access
  • STAY CONNECTED
    • LinkedIn
    • Facebook
    • YouTube
    • X (Twitter)
  • PRIVACY
    • PRIVACY POLICY
    • TERMS & CONDITIONS
    • DO NOT SELL MY PERSONAL INFORMATION
    • PRIVACY REQUEST
    • ACCESSIBILITY

Copyright ©2025. All Rights Reserved BNP Media.

Design, CMS, Hosting & Web Development :: ePublishing