Page 23 - Logistics News - September - October 2021
P. 23
S UP P LY C H A IN
phishing campaign should immediately be
required to undergo training. Instil a strong
password culture in which employees have
varying and secure passwords. Ensure that
they understand that if a password is breached
in one place, it is possible and relatively simple
for hackers to use it on other accounts associated
with the same email.
Th ere are countless helpful (and free) cybersecurity
resources available to supplement employee learning and
keep employees updated on the latest industry trends,
such as the virtual training modules provided by the U.S. monitoring for security events should include physical
Department of Homeland Security. environments, networks, service providers and user activity.
Vulnerability scans are a great tool and should be performed
• Insurance. Make sure you have adequate insurance in regularly on systems containing sensitive information.
the event of an attack. Some insurance providers include
ransomware protections. Inquire about what things are not Response and recovery
covered in a cyberattack. A correlation is evident between response time and the
cost of an attack. Industries that take the longest to detect,
• Physical security. Protect personnel, hardware, software, react, respond and remediate incur the highest costs. A
networks and data from physical trespassing and actions. fast response can help mitigate the impact. Still, it cannot
Consider solutions like surveillance cameras, security eliminate the possibility, so there is always an emphasis on
guards, security systems, barriers, locks, access key cards, prevention.
fi re alarms, sprinklers and other systems designed to
protect employees and property. A disaster recovery plan is critical to restoring data access
and IT infrastructure after a disaster. Recovery depends on
Beware of piggybacking. Holding the door open for the scope of the damage.
someone walking into the offi ce with their hands full
may seem polite, but it poses a security threat. Make sure Chart out a response plan and a remediation road map
everyone who enters company premises is authorised for all potential incident scenarios in the form of a business
personnel. continuity plan. Include tactics that will keep the business
operational during a disaster. Determine vendor criticality
• Selective business relationships. Cyberattacks through and a course of action if key vendors are attacked. Enlist
supplier networks are becoming increasingly common. backup suppliers and backups for your backups in case you
According to the 2020 Cyber Resilient Organization Study need to shift to another provider to accommodate customers.
by the Ponemon Institute, 56 percent of organisations
report that they have experienced a cybersecurity As part of an eff ective disaster recovery plan, it is
breach caused by a third-party supplier. In determining recommended to simulate a cybersecurity breach at
an acceptable level of risk, be selective when choosing minimum once a year. Th rough these drills, relevant
contractors or partners to work with your company. personnel understand their role and the procedures to be
followed.
• Incident reporting. Instil a good culture and education
for reporting incidents. IT professionals are more capable Cybersecurity will be a prominent obstacle for businesses
of reducing potential damage if they know about it sooner. of all sizes as supply chains become more complex. Identify
weak links in the supply chain to ensure vulnerabilities are L O GI S T I CS NEWS
Detecti on minimised and to prevent threat events. Building cyber
It has been said that a home without smoke detectors is resiliency will prepare your company for a worst-case scenario
the same as a network without monitoring. Continuous that would otherwise be more expensive and damaging. •
www .l o g ist i csn e w s .c o .z a SEP T E MB E R/O CT O B E R 2021 21
