Supply Chain Cybersecurity: The Vital Lessons for All CSCOs

Supply chains around the world are becoming increasingly complex, with greater demand calling for more technology implementation.
However, this also exposes global networks to greater risks, including third-party vendor compromise, software supply chain attacks, data theft and operational shutdowns.
A seemingly small issue in what appears to be an isolated area can have ripple effects throughout an entire network. As a result, leaders need to adopt thorough risk prevention methods to keep their operations from failing.
The impact of logistics shut-downs
In 2017, Maersk was hit by a NotPetya attack. It began as a nation-state cyberattack targeting Ukraine, before spreading across companies through unpatched vulnerabilities. Through a compromised update for M.E.Doc, the virus spread through the global network. More than 600 global offices were impacted, and 76 terminals across global ports were shut down.
More than 45,000 PCs and 4,000 servers were infected, with devices being locked and cryptocurrency being demanded. This created an estimated financial impact of US$300m.
Through a rapid response, Maersk switched to a manual, paper-driven process model instead of its IT-enabled one. As a result, it was able to restore approximately 80% of critical functionality while systems were being restored and made safe.
This event demonstrated the need for patch management, business continuity planning and multi-factor authentication. Businesses which have implemented stronger visibility and scenario planning are much better able to avoid or adapt to conflict. By having continuity planning and other predictive capabilities, businesses can have plans in place for when disruptive events do take place.
Now, Maersk has a dedicated cyber security policy in place, stating: "Maersk is reliant on the safe operation of technology and its profitability is increasingly dependent on digital solutions. The management of cyber risk, through controls to prevent risks coming to bear and mitigations if they do, is fundamental to the continued operation of the company and the delivery of its strategy.
"Within Maersk, the purpose of cyber security is to control and mitigate risks arising from interconnected systems, information, applications, technology infrastructure and operational environments."
Recent attacks
2025 saw several large-scale cyberattacks take place. Several organisations across the UK's grocery supply chains were targeted by hackers, including the Co-op, Peter Green Chilled and Marks & Spencer.
Attacks caused a six-week digital disruption for Marks & Spencer in April, resulting in no home delivery orders or click-and-collect. The company saw approximately £300m (US$394m) in revenue losses as a result of the attack.
According to NFU Mutual, three in five retailers (63%) experience cyber crime.
In the IO State of Information Security Report, it was revealed that 97% of UK and US cyber leaders believe they are prepared for a breach and 61% experience a third-party or supply chain attack in the space of 12 months. These attacks cause system outages and operational disruption, as well as losses in partner trust.
In September 2025, global manufacturer JLR was left reeling from a cyber attack. Production across key sites in Solihull, Halewood and Wolverhampton was halted while the company worked to recover its systems. Thousands of factory staff were ordered to stay home and customers were left waiting for deliveries of their vehicles.
JLR operates on a 'just in time' manufacturing system, meaning that thousands of components arrive on tight schedules. Everything is ordered to meet production demand, which means that suppliers who depend on JLR's systems were majorly impacted amid the disruption.
Preparing for risk
As modern supply chains are made up of suppliers, logistics providers, software vendors, cloud platforms, manufacturers and contractors, they are more complex than ever.
Balancing the risks and rewards of AI and digitalisation becomes incredibly important – on one hand, more technology means more opportunity for attacks, but on the other hand, it creates greater visibility and risk prevention methods.
"AI is growing the attack surface faster than most organisations can track," explains Muhammad Yahya Patel, vCISO and Cybersecurity Advisor for EMEA at Huntress.
"When three in four businesses exploring AI have no security framework around it, you're building on an unstable foundation."
Supply chains around the world need to prepare for risk, with the need for asset visibility, dependency tracking, continuous compliance monitoring, software security, ransomware defence and more.
Through vendor & third-party risk management, businesses can conduct rigorous security reviews before the contract gets signed. This then means that risk assessments can take place and security can be continuously monitored.
To truly protect the business, cybersecurity needs to be embedded across the ecosystem – it is not enough to protect a singular perimeter. Instead, it needs to be a collaborative process that utilises visibility and trust.


