Supply Chain Chaos is Ramping Up Cyber Risk
This piece appeared in Security Magazine in August 2020
The Impact of Technology on Supply Chains
Until March, there was a consistent narrative about supply chains and technology.
Digitization had, gradually, come some way in the world of logistics. Manufacturers, shipping companies, and retailers -- and the many other firms with solutions that represent the connective tissue between them -- had been steadily integrating hardware and software technologies that leverage the internet (both “of things” and not).
Electronic scanners were replacing physical bills of lading and other paper documentation, which enabled instant updates to all parties as to the status of freight. Sensors had been integrated to measure not just location of goods but also their temperature while in transit. But despite advances, businesses involved in the movement of goods still had a long way to go to take full advantage of the technologies available.
That was then. Now, according to some industry experts, the Covid-19 pandemic has thrown these trends into hyperdrive, and the story has become one of rapid change.
Digitization During Covid-19
When supply chains were disrupted across the globe at the onset of the pandemic, changes needed to be made on the fly. Early on, companies attempted to shift suppliers from ones that were locked down in China to ones that were available elsewhere. Shipping companies attempted to divert from ports that were suddenly inaccessible. Later, as cargo capacity in the skies dried up with canceled passenger flights, companies had to look for alternatives.
Amid this chaos, those organizations who had dragged their heels on digitizing were at a clear disadvantage: making big changes to operations on the fly is a lot easier with digital tools.
With the fragility of supply chains now laid bare, nearly half of logistics pros who were surveyed by the Journal of Commerce said they’ll be making substantial changes in operations due to Covid, with 76% of those likely to make investments in digitization specifically. As an article from the World Economic forum put it, “The transition to a new model for supply chains will be underpinned by a rapid and wholesale digitization of the paperwork that accompanies global trade.”
For a window into how this might play out, think about how many in-person interactions can be replaced with digital communications. These measures will be the leading edge.
As an executive at a supply chain solutions company, Blume Global, told Tech Republic: “With everybody working remote now, it's awful hard to go into an office and scan things, and so, the newer technologies enable electronic signatures, enable taking pictures...so that they can get closure on the shipment, and closure on the invoicing. It's very important to transition into a digital environment, and this has been a big push. We're seeing companies needing this kind of capability very quickly.”
These may seem like simple measures. Perhaps you’ve seen already that delivery drivers dropping packages on your porch now take a picture for confirmation -- hardly an earth shattering change. But even these minor updates seemed unnecessary until now. “Many logistics businesses regarded digital tools like software enabling electronic signatures or shipment location tracking as unnecessary expenses prior to the emergence of social distancing guidelines” said Brian Reed of GEODIS, in an interview with PYMNTS.com. “The COVID-19 pandemic is now prompting renewed interest and accelerated uptake”
Cyber Risk to Skyrocket - Protect Your Clients
With this sudden push to digitalization, cyber risk will become a major risk factor practically overnight for businesses that may have previously considered themselves to be “safely” offline. With the history of ransomware and other cyber disruptions in this industry -- most notably the ransomware attack on Maersk in 2017 -- cyber attacks are yet another way that logistics can be thrown into chaos, on top of the economic and governmental impacts of Covid.
As companies seek insurance for such attacks of their new always-on, online systems, brokers should consider more than just the standard Cyber policy.
Monoline cyber policies are constructed to fit the bill for risks faced by a broad swath of typical types of businesses, but will likely not offer coverage for Diversion of Shipment due to a cyber attack, a key coverage given the rise of ransomware and its potential to derail shipments. And if the policy offers any Business Interruption coverage, the sublimits offered may not be sufficient for the kind of financial risk a company faces in the event of a shutdown of shipments.
Newly specialized coverage for Ocean Cargo from cyber risks, such as the Corvus Smart Cargo + Cyber policy, provide a better answer. See our video below on an innovative approach to covering these risks.
The rise of remote work and growing concerns over ransomware acted as partners-in-crime to get organizations to hone in on risk mitigation efforts over the past couple years. Through compiling our Risk Insights Index, we found that with certain initiatives — safer or reduced usage of RDP, growing use of email security tools, and other measures taken to limit the impact of threat actors — businesses are more prepared than a year before and ready to play defense. Those efforts are borne out in our finding that the rate of companies who pay a ransom when attacked with ransomware fell by half within a year.
The whisperings of “firming rates” start first, quietly in business meetings, then published in industry reports. Soon to follow, rumblings of a “hard market” are brought to the conversation. It’s cyclical in nature, and we see it across all insurance lines at one point or another. For years, Cyber Insurance stretched far and wide with “soft” market conditions, remaining highly profitable. Now that period of growth, with exceedingly available coverage and inviting terms, has stalled in the face of a hard market.