Protecting Products & Personal Information: How Business Cybersecurity Supports the Supply Chain Industry

The global logistics industry is growing rapidly. In 2018, the sector generated net revenues of about $5.5 trillion. That’s projected to increase to over $14 trillion by 2028, representing a roughly 150% growth rate over the decade. To put that in perspective, the global oil and gas industry generated $5.2 trillion in projected revenues in 2024, making it the single largest industrial vertical. Logistics, which spans all industries engaged in international trade, is even bigger.

The delivery of raw materials, manufacturing parts and finished goods en route to the consumer relies on a collaborative and fragile system called a supply chain. As businesses engaged in the supply chain expand their use of digital technology, the need for specialists to protect them from cyber threats also grows. ​​These attacks often target an organization by exploiting vulnerabilities in the systems of its vendors or suppliers. Hackers find breaches and use them to gain unauthorized access to sensitive data and resources, disrupt operations and harm the organization’s reputation.

Globalization and digitalization deliver many benefits but also threaten the manufacture and delivery of goods. Businesses in the supply chain industry need skilled business cybersecurity experts to protect financial data, preserve trade secrets, safeguard personal information and defend the global supply chain. You can develop the skills required to provide these services with an online Master of Science in Business Cybersecurity from the University of Tennessee. That same degree prepares you to manage cybersecurity in finance, marketing, and many other business functions.

Supply Chain Business Cybersecurity: An Overview

In the past, protecting a business’ supply chain meant deterring physical threats like theft, sabotage and terrorism. Organizations tracked shipments, audited factories, ran employee background checks, guarded shipments and diversified vendors to combat these risks.

Today, with the increased adoption of technology, businesses in the supply chain industry operate more efficiently—and more complexly. Digital connectivity seamlessly streamlines the work of manufacturers, suppliers, distributors and retailers. However, it also exposes each business to cyber risks threatening integrity and security. 

Top Supply Chain Risks for Businesses in the Supply Chain Industry

Hackers use various means to disrupt supply chains, including:

• Third-party vulnerabilities: Hackers often target the weakest link (vendors or partners) in fragile supply chains to access sensitive data or insert malware.
• Phishing attacks and social engineering: Hackers manipulate personnel into disclosing confidential information by impersonating trusted partners within a company’s supply chain.
• Ransomware attacks: Ransomware, a type of malware, blocks access to corporate data, usually by encrypting files. Cybercriminals then demand a ransom in exchange for decryption.
• Data breaches: Breaches exposing sensitive information such as customer records, intellectual property, trade secrets or classified government documents affect the targeted organization and clients who entrusted them with their data.

Cyberattacks targeting businesses in the supply chain industry can result in severe consequences, including:

• Financial losses
• Reputational damage
• Threats to national security through attacks that compromise critical infrastructure, e.g., power grids, water supplies and transportation systems 
• Regulatory penalties resulting from noncompliance with data protection laws such as the General Data Protection Regulation or the California Consumer Privacy Act
• Disruption caused by a necessary shutdown to address an attack
• Destruction of property or infrastructure

Notable Security Incidents

Cyberattacks on supply chains have quadrupled since 2020, increasing in size and severity. These high-profile examples demonstrate the destruction cyberattacks can cause:

• 2014: Through third-party vendors, hackers accessed Home Depot’s credit card terminals and stole an estimated 56 million credit and debit card numbers.
• 2017: A data breach in Equifax’s credit reporting company affected 147 million customers. The breach was due to a known security issue in Equifax’s website software.
• 2017: ​​The NotPetya ransomware attack targeted a Ukrainian accounting software provider and rapidly spread across international networks, encrypting files and rendering systems inoperable for many global businesses. The estimated damage from the attack exceeded $10 billion.
• 2020: A suspected Russian agency injected malicious backdoor code into systems management software made by SolarWinds, leading to breaches in thousands of companies and government agencies, exposing sensitive data and more.
• 2021: Attackers used ransomware to infect Kaseya, a cloud-based managed service provider. The ransomware, in turn, spread to 800 to 1,500 customers. The hacker group demanded $70 million for the key to unencrypt the data.
• 2021: Cybersecurity experts discovered a backdoor in the open-source PHP Git server before it was published and distributed, averting a potential breach that could have exposed millions of web servers to hacking.

Cybersecurity Solutions

According to Data Theorem, 91% of organizations faced a software supply chain attack in the past year. In response to these ever-present threats, companies have ramped up their business cybersecurity safeguards. 

Having a risk management policy and a detailed breach response plan proves essential for supply chain security. Best practices utilized in the field include:

• Using suppliers with accreditation and certification
• Conducting security strategy assessments
• Executing penetration and vulnerability tests
• Authenticating data transmissions
• Implementing permissions or role-based data access
• Enforcing minimum business cybersecurity standards for vendors and resellers
• Regularly conducting audits of open source and vendor source codes
• Employing network-level scanning, behavioral analysis and intrusion detection

Supply Chain Cybersecurity Jobs for Businesses in the Supply Chain Industry

Industries relying on the creation, transfer and delivery of goods—and technology firms supplying the IT infrastructure to support those efforts—require business cybersecurity experts. Supply chain cybersecurity jobs exist not only in transportation, manufacturing and retail but also in technology, government, energy and other sectors.

For job titles like cybersecurity analyst, cyber risk and compliance manager, and information security manager, responsibilities might include: 

• Staying up-to-date with emerging supply chain cybersecurity issues
• Creating contingency plans for possible breaches
• Monitoring for unusual or unauthorized activity

Consulting cybersecurity jobs offer another option for experienced business cybersecurity experts. Supply chain risk management consultants provide value to organizations just establishing their security systems, lacking dedicated funds for a full-time staff member or needing an expert to service the needs of multiple vendors.

Advancing Your Career with an Online Master’s Degree in Business Cybersecurity 

Whether you currently work in information technology or seek to pivot your career to the industry, an advanced degree in business cybersecurity can help launch you into the field of supply chain cybersecurity.

Business Cybersecurity Classes and Opportunities at UT Knoxville

An online Master of Science in Business Cybersecurity (MSBC) from the University of Tennessee, Knoxville’s Haslam College of Business can provide the credential you need to advance in the in-demand field of supply chain cybersecurity. This flexible degree, taught by renowned faculty at a top-tier research institution, prepares you to leverage cybersecurity strategy to inform better business decisions. 

The curriculum mirrors the current and emerging challenges facing the cybersecurity industry, including the topic of supply chain protection. Business cybersecurity courses that include Business Information Asset Security, Risk Management and Business Continuity, and Emerging Topics in Business Cybersecurity form part of a holistic curriculum that prepares students to meet the ever-changing demands of digital supply chain security.

At Haslam, online MSBC students learn from acclaimed business cybersecurity faculty experts and have access to everything this premier R1 research institution offers. UT Knoxville stands among only 146 universities recognized by the Carnegie Classification of Higher Institutions for being at the forefront of research and innovation. UT Knoxville helps business cybersecurity faculty and students push the boundaries and explore what’s next in the field and in the lab.

Next Steps: Applying to the Online MS in Business Cybersecurity Program 

Earn your online MS in Business Cybersecurity from a top-tier research institution alongside scholars and practitioners performing cutting-edge research in the information security field. 

Discover how an online MSBC can launch your career in supply chain cybersecurity by attending a virtual event, requesting more information or starting your application today.