During the past two and a half years, manufacturers and distributors have seen tremendous challenges, from the spread of COVID-19 to the war in Ukraine, continued supply chain disruptions, new variants and related shutdowns and restrictions. After COVID-19 initially shocked the economy, manufacturing and distribution companies saw demand for their products quickly recover to pre-pandemic levels. This rebound in demand, while welcome, presented companies with new challenges. Supply chain disruptions, labor shortages, and consequently, labor costs have been top of mind for almost all our industry clients.
As your company adapts to this changing landscape, you should know how these challenges may lead to increased cybersecurity risks. Cybersecurity incidents can lead to many negative consequences for your business, such as:
- Theft of cash or other assets
- Shutdown or slowdown of company operations
- Loss of sensitive data and trade secrets
- Loss in customer and vendor confidence
Supply Chain Risks
Companies sourcing materials from new vendors, and potentially from new geographies, should evaluate those vendors to ensure the information you share with them is secure. Any subsequent information changes, such as bank accounts used to pay the vendors, should be authorized and verified. Cyber criminals have become increasingly savvy at spoofing emails that appear to be from internal, authorized sources to request fraudulent cash disbursements or other activity detrimental to the business.
Since the onset of the pandemic, many companies have adopted more flexible working schedules, allowing employees to work fully or partially remote. During this time, employee turnover has also increased significantly. As employees have begun working in decentralized environments, securely accessing company data and ensuring laptops and smartphones are secure have become increasingly important and more challenging. Employee turnover has made it paramount to formalize employee training programs on IT and cybersecurity risks. As labor shortages continue, companies will face pressure to automate more of their manufacturing processes. This shift will further increase the need to secure the company’s networks and IT infrastructure to avoid loss of production and other issues.
Cybersecurity Risk Mitigation
There are a few steps you can take to help your company manage cybersecurity risks, including:
- Have a good team of internal and external IT professionals to assess cybersecurity risks, develop risk mitigation programs and monitor these programs while ensuring you consider cybersecurity risks when evolving and changing your processes.
- Require employees to use multi-factor authentication to access company networks and all hosted applications.
- Develop and implement employee training programs for IT and cybersecurity risks. Web-based training programs can be a relatively low-cost and effective way to conduct training programs to test whether employees will click on a vulnerable link.
- Review password policies to ensure they meet length, complexity, aging and failed login attempts best practices.
- Develop and test backup, offsite storage and recovery procedures.
- Encrypt data stored on laptops and smartphones. Ensure the company’s IT team has the capability to wipe the data on these devices if they are lost or stolen.
These are only a few steps that will help your company address its IT security risks. The Moore Colson Cybersecurity Services team are experts in risk assessment and the tools available to help mitigate those risks. We encourage you to contact us for help navigating this continually evolving landscape.