Cybersecurity Review in Logistics and Supply Chain Management

As the world continues to rely more and more on digital technologies, Cybersecurity is becoming increasingly important for Logistics and Supply Chain Management. Cyber attacks can have a significant impact on businesses in these industries, resulting in loss of revenue, reputational damage, and disruption to the flow of goods.

The COVID-19 pandemic has had a significant impact on the logistics and shipping industries, with many companies struggling to keep up with the increased demand for online ordering and delivery. Unfortunately, cybercriminals have taken advantage of this situation to launch attacks on logistics and supply chain management systems.

One high-profile example of a cyber attack on a logistics company is the ransomware attack on the shipping company, Maersk, in 2017. This attack resulted in the company losing access to its computer systems and data, causing significant disruption to its operations.

One of the challenges of cybersecurity in logistics and supply chain management is the complexity of the systems involved. These industries rely on a network of suppliers, partners, and service providers, which can create multiple entry points for cybercriminals.

For example, a cybercriminal could launch an attack on a third-party logistics provider, which could then spread to the company's systems. In addition, logistics and supply chain management systems often involve a mix of legacy and modern technologies, which can create vulnerabilities that cybercriminals can exploit.

98% of organisations surveyed have been negatively impacted by Cybersecurity breaches that occurred in their supply chain, up from 97% a year ago. Digital supply chains are mainly made of external vendors and supplier who have network access that could be compromised.

The top pain points are internal understanding across the enterprise that suppliers are part of their cybersecurity posture, meeting regulatory requirements, and working with third-party suppliers to improve their posture.

The survey finds that 40% of organisations still rely on their suppliers on adequate security. Because the risk is distributed throughout the vendor ecosystems, relying on vendors to mitigate without any oversight will leave organisations vulnerable.

According to the Cyber Security Agency of Singapore (CSA), there has been a significant rise in Key Malicious Cyber Activities targeting Singapore-based companies in 2021 compared to 2020.

  • 54% increase in ransomware incidents to 137 incidents
  • 17% increase in phishing incidents to 55,000 incidents
  • 320% increase in Malicious Command and Control Servers incidents to 3,300

Managed Security Services

TOFFS together with CSA has worked closely to protect Small and Medium Enterprises throughout the past few years by using the CSA's Cyber Essentials Framework. Through Asset-Based Cyber Defence "ABCD" Programme, together with their Managed Security Services "MSS" offerings, over 200 companies have been protected over a wider range of organisations through Network and Technology Infrastructure. This includes Critical Data & Servers, Endpoints, including Anti-Virus/Malware agents as well as understanding the User Behaviours and Analytics of key staff members within organisations.

They understand that offering services are not sufficient to protect organisations. Studies find that people are always the first line of defence in every organisation, without being equipped with necessary knowledge, skills and training, companies are still at risk.
Hence, in partnership with TOFFS, SLA members will be able to engage in conversations where TOFFS can offer a consultative approach, independent advice and support, along with the Cyber Essentials Framework.





This also includes identifying key staff members of your organisation to be trained with their partner on the knowledge of Cybersecurity which covers the following areas:

1. Introduction to cybersecurity and data protection fundamentals

2. Understanding the risks and impacts of threats

3. Key cybersecurity challenges in the logistics industry with case studies

4. Strategies for protecting business continuity and adopting solutions

5. Overview of regulatory framework in Singapore

6. Review of Cyber Essentials Mark and Basic PDA Obligations

SLA members can benefit by understanding the compliance obligations where TOFFS can come in to provide consultation on how companies can scale their digital security posture while also protecting their data, without having to overhaul their processes or complete procedures.

Last but not least, each organisation has specific requirements and their organisational needs that require certain cybersecurity services. Thus, instead of having an all-encompassing offer, they are able to provide tailored solutions, so SLA members can be covered under their business continuity scenario while knowing they have a resilient cyber environment.

More information about the service offerings can be found in the brochure.

For interest in the training programme, please write to: [email protected]

**This article was contributed by our knowledge partner, Toffs Technologies, to provide industry insights. SLA does not endorse any products or services mentioned.

Welcome new member(s) in March