Protecting Your Supply Chain Against Cyber Attacks

Post by Zaira Cedano

In light of recent cyber attacks, which have impacted companies in the industry on a global scale, the need to protect your business from such attacks is heightened. As your supply chain grows and you look towards technology to create greater efficiency and organization, it’s important to pay special attention to cyber security. According to a study conducted by Deloitte earlier this year titled “Cyber risk in advanced manufacturing”, it was found that cyber breaches are on the rise and will only continue to increase.

Fortunately, there are some things that can be done to stay a few steps ahead of cyber criminals. We’ve done our research, and have compiled what we believe to be the best high-level advice from the cyber security experts. Here are a few things you can do protect your business and supply chain:

Know the Risks

Whether you are a small traditional manufacturer or a large company, you may be vulnerable to cyber attacks that can affect or even destroy your business. Knowing the potential risks and sources of problem areas is crucial in securing your business. Some possible threats to supply chain cyber security are:

  • Network or computer hardware with malware already installed in it.
  • Malware that can be installed via USB thumb drive or other means.
  • Weaknesses in software applications and networks within the supply chain that can be exploited by hackers.
  • Counterfeit computer hardware.

As the manufacturing and supply chain sector moves toward more modern, connected digital supply networks and smart factories, this opens it up to unique cyber risks. Within a digital supply network there is a great amount of information being shared across an entire supply chain grid, connected to various participants. Not only is the shared information at risk of being stolen, but even smart machines and devices can be taken over and made to malfunction.

Create a culture of security

Who says it’s only your IT department’s job to keep your information safe? A simple practice that can be very effective is encouraging secure internet practices among employees at every level. Be sure to have a formal internet policy in place and inform users on what is prohibited use on office devices. Emails maybe a particular hotspot by which viruses and malware can be downloaded. Employees should be informed of what to look for in suspicious emails and how to prevent viruses from entering your computer systems.

The basics

This may go without saying, but having users create a strong password, one that contains a combination of alphanumeric characters with lower and uppercase letters, can be a simple way to prevent hackers from entering your network. Getting into the habit of shutting your computers off at the end of your day is also good practice since leaving it on (especially connected to the internet) is an invitation for cyberattack. Further, always ensure that your company’s firewall is up to date which will prevent dangerous programs, spyware or viruses from infecting your system. Finally, automate your system updates. They often contain important security updates that will protect your computer from newly discovered threats.

Encrypt data

So you’ve taken all the measure to protect the frontlines, what’s next? You might want to consider data encryption. Simply put, the National Cybersecurity Institute describes encryption as “taking data that is readable and making it unreadable to humans”. It can be used to protect your sensitive information by making it difficult decode. There are different types of encryption methods you may want to look into.

Build security assurance into third party agreements

Some final things to consider once you’ve made sure your company is protected internally, are potential breaches that can originate from partners and third party service providers. If and when possible, it may be beneficial to include cyber security assurance into third party agreements. Set up which partners get to have access to which sensitive information, with their assurance that it’s protected from unauthorized viewing.

Cyber security is a constant threat and with changes in technology, the threat also changes. By ensuring you’ve taken the right measures to protect your business, you can be can keep your supply chain and information secure.


Welcome to the Technical Traffic Consultants Blog. For the past 43 years we have been providing the shipping public with preaudit, payment, and logistics support services, and have gained a great deal of experience in the process. The purpose of this blog is to provide you with a resource where we can share our knowledge and discuss best business practices within our industry.

From time to time we will be posting entries relative to industry hot topics, transportation law, and areas of our industry that are all too often overlooked. We hope you enjoy our posts, and we welcome your feedback regarding topics that you would like showcased.

Understanding the Impact of Annual Small Parcel Increases

As predictable as January following December, so too has become the annual rate increases published by the Small Parcel providers. These changes typically include what appear to be subtle modifications in base rates, surcharges, and dimensional weight provisions. Leaving many shippers wondering how do these increases affect me, my transportation spend, and my budget for the upcoming year?

With the understanding that annual increases cannot typically be fought or denied (see previous blog post “Incorporation by Rules Tariff”), the next step is to understand how the modifications will impact your spend so that you can budget appropriately.

Adjustments for the upcoming year are posted each Fall on the provider’s website and will outline the base rates, zones, service levels, service types, and dimensional weight provisions that will be affected. To accurately calculate how the projected increase will affect your business, we recommend downloading historical shipment detail from the TTC Small Parcel Adhoc, identifying the packages, service levels types, etc. utilized by your business in the past and applying the appropriate adjustments. This will provide a targeted understanding of the impact against your business model and distribution network. If assistance is needed the in this calculation or methodology, feel free to contact your TTC account representative and we would be happy to help.

Incorporation by Rules Tariff

So you implemented a Contract with your Transportation Service Providers, Great Job! And you made sure to strike or modify that little clause titled “Subject to Carrier Rules Tariff”, right? …Right? If not, here is what you need to know about what you just agreed to.

The majority of Transportation related contracts contain a clause noting “Subject to Carrier Rules Tariff”, which basically means the contract incorporates a secondary document that can be modified at the sole discretion of the transportation provider, without your consent. The incorporation of this unilateral document allows for the provider to assess accessorial increases and additions, and/or allows them to potentially make changes to contract provisions regarding things such as dimensional weight, cubic capacity, or linear foot rules.

With that in mind, be careful before signing that contract and know you do have the ability to modify or deny that often overlooked clause.