How to stop cyber criminals from gaining access to your supply chain

cyber criminals, cyber security, cyber crime

Global cybercrime is on the increase, and it is predicted that damages will be up to $6 trillion annually by 2021. Criminals today are moving away from “traditional” robberies as they reap higher rewards, and there is less chance of getting caught.

They don’t need to concern themselves with leaving behind DNA at the crime scene, and they can target multiple victims at the same time. Rest assured that someone will fall into the trap. Advances have been made over recent years to detect the origination of a cyber attack.

However, it is still a lot easier to get away with, AND there is a guarantee that you won’t face any potential physical harm that traditional robberies often bring.

Computers and networks are being attacked at a rate of one attack every 39 seconds, according to a recent report from the  University of Maryland. Companies and individuals across the board need to be more alert, but companies and individuals in a supply chain need to be that much more vigilant as it’s no longer only about your inhouse security measures, you now need to worry about the security systems that your suppliers and customers have as well.

What cybersecurity measures should you be taking?

Take a look at just how many of your daily tasks are outsourced to another business. Does this business have access to your data? Do you have contracts in place that stipulate how, when, where, and to whom these companies can use and share your data? Do you know what cybersecurity measures these companies have in place before you give them access to your data?

SMEs are usually a good place for a cybercriminal to start. SMEs often don’t have the knowledge, resources, or budget to implement security systems, or they think they are safe – “why would anyone attack my SME when there are far bigger fish to fry out there?”

The problem is that cybercriminals use the SME to infiltrate the supply chain and then play “leapfrog” and jump from system-to-system to hopefully gain access to the big fish where they can either expose sensitive information or manipulate operations in the supply chain.

No security system is 100% cyber proof, but if you at least have something in place, the cybercriminal will far rather move on to an easier target than to try and gain access to your system. Anything is better than nothing. Start by protecting your own data center first and foremost. Then move outward and look at all third parties in your network to ensure that this next layer of security is in place.

Investigate all your third parties’ security systems to see how they would handle and recover from a cyber-attack. Make sure that you have access to your vendors’ security procedures in all areas of their, i.e., IT, Human resources, legal, and operational/procurement. Understand each vendor’s importance in your supply chain to determine the level of each one’s risk. Set expectations by entering into contracts with each vendor and follow-up regularly to assess performance. Cancel contracts with suppliers that don’t or won’t comply with security measures.

Your suppliers and their employees are an extension of your business – a cyber attack can affect many companies within a supply chain, so it’s in the best interest of all stakeholders to work together to have robust processes, policies, and procedures in place.

Running regular anti-malware scans and blocking malicious looking IP addresses is a good start but very often our employees are our weakest link so educating every person within your business as well as your third-party supplier businesses is equally essential. Train them to know how to identify possible threats to your systems and to report anything peculiar to your IT team ASAP. 

Barry Kukkuk is the CTO at NETSTOCK. Barry comes from a systems architect and application development background.  He started his career as the co-founder and chief developer for Icon Retail Management, a full-fledged retail management system that integrated with mainstream ERP. Barry later conceptualized and developed Inventory Optimiza for Barloworld Logistics and provided technical support for the application. It was here where Barry’s passion for Inventory Management solutions began and the industry where he would later return. Barry went on to start his own business in 2008, where he was an avid user of cloud-based apps and would only use online solutions for his business. In 2010 Barry began his journey with NETSTOCK. His enthusiasm for Inventory Management and his strong belief in “all things Cloud” collided, and we saw the release of the Inventory Management solution – NETSTOCK. Barry is the CTO at NETSTOCK, where he is responsible for all customer-facing technologies and systems that keep thousands of NETSTOCK customer instances working correctly.