Just 23% of logistics and supply chain firms report investing into cybersecurity, despite cost of data breaches reaching all-time high
New Reuters Events, Supply Chain research underlines continued underinvestment into cyber, leaving companies exposed to increasingly costly attacks
According to the new unlocking the future: embracing digital transformation in logistics white paper, only 23% of supply chain professionals report their organisation as investing into cybersecurity over the last two years, despite the cost of data breaches hitting an all-time high as of 2023.
This is a relatively low level of investment, with the more than 450 respondents to the survey far more likely to say that their organisations have prioritised supply chain management systems (64%), digitalising documents (48%) or warehouse automation (39%), all of which rely on secure connections and IT set-ups.
This appears to be a weak spot, as cyber attacks on supply chain infrastructure are rising and the costs are becoming more severe.
According to IBM’s annual report on the financial implications of cybersecurity, “The 2023 Cost of a Data Breach Report”, the global average cost of a data breach has now reached $4.45m. This represents a 15% increase during the last three years.
This can be even more costly for supply chain functions as the research found that the average cost for a critical infrastructure organisation breach increased by 4.5% in 2023 compared to last year, rising from $4.82m to $5.04m. This is now $590k higher than the global average.
The white paper notes that the issue is compounded by the industry’s historic tendency to use different software solutions for each geography or business function, such as freight management, supply chain visibility, or warehouse operations.
It commented that “While this ‘best of breed’ approach may initially seem reasonable, it often creates a very complex internal tech landscape with numerous applications operating in silos,” as well introducing vulnerabilities due to “each application requiring its own security measures and updates, making it harder to ensure a robust and consistent security posture across the entire infrastructure. Any vulnerability or breach in one system can potentially expose the entire network, compromising sensitive data, customer information, and disrupting critical operations.”
IBM’s research underlined the importance of investment into security measures, urging employment of artificial intelligence (AI) and automation to help speed up breach identification and containment. In this way, a typical data-breach lifecycle could be as much as 108 days shorter compared to companies not using these technologies (214 days versus 322 days).