How COVID Put a Strain on the Already Delicate Relationship Between Supply Chains and Cybersecurity

In March 2021, the Ever Given — a giant container ship operated by the shipping company Evergreen — got stuck while it was passing through the Suez Canal, one of the world’s busiest trade routes. At least 30 ships got blocked back-to-back as a result. Although no one was injured, the blockage led to several delays in shipping and disruptions in various supply chain operations. Each day that the ship was lodged in the canal cost $9.6 billion in maritime traffic. The ship was finally dislodged after a week. 

This incident is an example of how a single disruption in a supply chain can trigger a chain reaction. 

Here, we will talk about the effects that the pandemic unleashed on global supply chain operations, and how organizations can rebuild their supply chains to be resilient, transparent, and efficient in cybersecurity. 

How COVID-19 impacted supply chain operations

The COVID-19 pandemic shocked and brought the entire world to a standstill. One of the most affected sectors was the global supply chain networks. The demand for various goods was heightened and organizations were struggling to keep up with it. This was apparent at the start of the pandemic when there was a massive shortage of essential groceries and medical supplies like PPE. Moreover, the pandemic forced a lot of labor-intensive industries to furlough their workforce leading to further cracks in the operations of supply chains.

When the first lockdown was imposed, several countries shut their borders to travelers and, with it, even ports and hubs that are necessary to transport goods and services. An example of this is China — one of the world’s largest hubs for sourcing raw materials, processing, and shipping goods. The stringent laws that were applied due to the pandemic impacted a lot of countries that were dependent on importing from China — especially in the U.S. China saw an 8.4% decline in industrial production and a 6.8% decline in GDP last year. High tech and automobile industries experienced the most widely disrupted supply chains. 

Once restrictions were eased and trade opened up again, the following supply chain disruptions came to light: 

• The stagnation of transport and delivery caused organizations to experience an extreme shortage of shipping containers. Most containers were sitting filled in depots or still docked on cargo ships. 

• Desperate to fulfill their supply requirements, several organizations had to decrease their container loading and emptying times to avoid further delay. In most cases, however, they were forced to purchase shipping containers at significantly hiked prices. 

• Similarly, transport modes used to execute deliveries suffered several hiccups. For example, cargo ships, which were also in a shortage, had to deal with congestion at international ports, leading to delayed deliveries. This further affected inland transportation modes like trucks and freight trains. Air cargo was also not a viable option due to flights being suspended and the high transport costs. 

• Warehouses reached maximum capacity and there was no place to store an influx of shipping containers due to the upscaled demand.  

Research shows that about 73% of organizations dealt with issues in their supply base; 75% of them experienced production and distribution issues. These disruptions, while signified due to the pandemic, continue to cause issues and affect the efficiency of supply chains. 

How do these supply chain disruptions affect cybersecurity? 

Already susceptible to cyberattacks, the pandemic’s effects further weakened supply chains and made them more vulnerable: 

• Organizations had to reallocate their resources to create contingency stores to stay afloat. As such, cybersecurity was often deprioritized. This made supply chains even more lucrative of a target for cybercriminals. Research shows that there will be a four-fold increase in supply chain attacks in 2021 as compared to 2020. 

• Due to the constant on-off pandemic restrictions, organizations had to find new suppliers and vendors quickly, often leaving them with little to no time to vet these third parties properly, thereby leading to an increased risk of cyberattacks.

• The pandemic made remote working essential. This often means that employees use their personal devices and equipment to download sensitive materials and files. This is inherently a security risk as organizations often failed to ensure that their employees’ devices are completely secure. 

• The incorporation of advanced and connected technologies like IoT and AI help organizations efficiently operate supply chain networks. However, these devices increase the attack perimeter if not monitored or updated regularly. Oftentimes, cybercriminals use them to launch attacks on critical infrastructure. 

What can organizations do to ensure that cybersecurity is maintained in supply chain networks? 

Here are some steps you can adopt to ensure that your organization’s supply chain is well protected and secure: 

1.  Annually conduct risk assessments to identify vulnerabilities in your organization’s supply chain network. With the acquired information, create efficient cybersecurity strategies that can minimize the risk factors, build resilience, enforce strong cybersecurity practices, and meet all the compliance regulations.
   
2. Digitalization is the key to secure your supply chain operations. Update all software, applications, and programs to the latest requirements to eliminate any vulnerabilities that cyber attackers could use to their advantage.
   
3. When diversifying your supply chain network, vet each partner thoroughly. Maintain a strict and high level of competence from suppliers and third-party vendors in your supply chain. Make sure they follow and practice efficient cybersecurity protocols, especially while handling sensitive data or material. Moreover, employ efficient third-party risk management solutions to further minimize any security risks.
   
4. Collaborate with your organization’s IT security team and prepare a robust incident response plan that can be executed in the event of an attack or a security breach. Make sure that you train and test all your employees on how to proceed in the case of an unfortunate security incident.