Ivanti: Social Engineering Hits Warehouse Cybersecurity
Social engineering attacks have become as prevalent as software vulnerabilities in warehouse cybersecurity breaches, forcing supply chain and operations leaders to fundamentally reassess their security strategies amid rapidly evolving threats.
That's according to Ivanti's Supply Chain and Warehouse Trends in 2024 report, which shows that 32% of professionals working in warehouse settings see social engineering as a primary entry point for cyber attacks – matching software vulnerabilities (32%) and significantly outpacing device-based attacks (19%).
This revelation challenges traditional cybersecurity approaches which have historically prioritised technological solutions over human factors.
The human element in supply chain security
Ivanti's research reveals concerning gaps in cybersecurity awareness throughout supply chain operations.
Perhaps the most alarming finding is that 54% of office workers remain unaware that advanced AI could impersonate anyone's voice, highlighting a critical vulnerability in the face of increasingly sophisticated social engineering tactics.
What's more, while around three-in-five (59%) workers have received cybersecurity training, this leaves a substantial 41% of workers without any cybersecurity training whatsoever.
Clearly, the speed at which AI and other technologies are evolving has created a situation where traditional training and education methods struggle to keep pace with emerging threats.
"The supply chain industry has been slow to adapt to the evolving cybersecurity landscape," says Daren Goeson, SVP Product Management, Unified Endpoint Management at Ivanti.
"With the rise of warehouse modernisation, the proliferation of IoT devices and the growing rate of cyber criminals targeting this industry, the risk of damaging cyber attacks has significantly increased."
Digital transformation reshapes security landscape
Ivanti's findings come at a pivotal moment for the industry, as warehouse modernisation and the widespread adoption of Internet of Things (IoT) devices create an increasingly complex attack surface for cyber criminals.
Despite this evolving threat landscape, the research indicates that cybersecurity remains a top concern in only 58% of warehouses, while 13% don't consider it a concern at all.
Elsewhere, current budget allocations reveal a potentially dangerous misalignment between security needs and investment priorities across the supply chain sector. Supply chain managers are directing the majority of their resources towards sourcing and procurement (41%), workforce productivity (40%), automation technologies (39%) and lowering operating costs (39%).
This investment pattern comes despite the significant operational risks posed by cyber attacks, which can result in costly downtime, compromise sensitive customer data and inflict substantial reputational damage.
The impact of such breaches can reverberate throughout the entire supply chain, affecting not only the compromised organisation but also its partners and customers.
Solutions for modern supply chain security
To address these challenges, industry experts advocate for a more comprehensive approach to security that combines technological solutions with enhanced human awareness.
The implementation of unified endpoint management (UEM) solutions has emerged as a particularly promising strategy, offering organisations the ability to discover, manage, configure and secure every device in the warehouse from a single interface.
Ivanti's report emphasises the importance of fundamental security measures, recommending that operations IT professionals support warehouse deployments with robust password policies, stringent system access protocols and mandatory data management software. These baseline measures become increasingly critical as warehouses continue to digitise their operations and integrate new technologies.
Daren concludes: "Warehouse and supply chain managers must adopt a multi-layered approach, utilising advanced training and UEM solutions to help mitigate or prevent human error."
Explore the latest edition of Supply Chain Digital and be part of the conversation at our global conference series, Procurement & Supply Chain LIVE.
Discover all our upcoming events and secure your tickets today.
Supply Chain Digital is a BizClik brand