Report identifies top supply chain cyber risks

A failure to test systems and lack of clear-cut security policies put companies and their customers at risk.

Rampant cyber security weaknesses are putting supply chains at risk, according to a report from British cyber security company Risk Ledger, released this week.


Risk Ledger’s State of Cyber Security in the Supply Chain 2023 report is based on proprietary data from more than 2,500 suppliers on the company's risk management platform. The findings identify the 12 most common weaknesses among suppliers, especially third-tier suppliers and others that are further down a company’s supply chain.

Risk Ledger defines third-party suppliers as external companies that a business uses to provide a service as part of its own delivery, or that provide elements of a product it makes. According to the report, 40% of third-party suppliers do not conduct regular penetration tests of internal systems and 32% do not have a supplier security policy that outlines the security requirements that their suppliers should meet, which puts their own and their customers' data at risk.

“Attackers are targeting under-resourced suppliers with weaker defenses as a way of disrupting or compromising larger organizations,” the company wrote in a statement describing the findings. “The notable ransomware attack on a supplier to semiconductor giant Applied Materials is expected to lead to $250 million in lost sales. With well over 60% of organizations having suffered a data breach through a third party, this regularly results in regulatory fines, huge data recovery costs and loss of consumer trust.”

Two of the top 12 weaknesses revealed in the report are:
  • 17% of suppliers do not enforce multi-factor authentication (MFA) on all remotely accessible services. MFA requires a second source of validation before granting users access to a device or service—in addition to entering a password, the user may also be asked for a code or fingerprint, for example. MFA is the simplest, most effective way to keep hackers out of your online accounts, according to Risk Ledger, but it can be cumbersome for users and is therefore often provided as an optional setting that needs to be intentionally configured. “This often leaves MFA disabled and the accounts vulnerable to unauthorized access through password theft,” according to the report.
  • 23% do not use “Privileged Access Management” controls to securely manage the use of privileged accounts, which are the ultimate target for attackers. With high privileges, an attacker can access more sensitive (and more valuable) data, and modify security detection tools to cover their own tracks.
The report explains that these weaknesses are common causes of cyber security incidents, and that a high proportion of third-, fourth-, and fifth-party suppliers are not using controls to protect themselves or their customers in these areas. It also offers recommendations by cyber security experts for improving companies’ third-party risk management strategies, including benchmarking data.
