Disruptions in supply chains are becoming more and more frequent, including odd events like a fire in an aluminum plant that took down Ford’s F-150 network. These types of disruptions, (fires, political disruptions, weather events) are almost impossible to forecast, so organizations need to stress test their supply chains to improve their readiness for the unexpected.

A more recognizable, yet often minimized, supply chain threat is a cyberattack. Individuals often think of cyberattacks as “something that happens to other people”, and are confident that it is a concern of their IT staff, with nothing to do with procurement and logistics. Nothing could be further from the truth.

The number of cyberattacks impacting industry is increasing rapidly and is causing supply chains to shut down.  Most recently, a cyberattack discovered late last month by Jaguar Land Rover prompted the Range Rover maker to power down its operations, a response that could cost the company tens of millions of dollars and threatens jobs across its supply chain. Land Rover is not alone.  Figure 1 highlights the steep rise in third-party and supply chain attacks, peaking in 2023 before easing slightly in 2024. Preliminary data shows that in 2025 to date, there have already been 79 supply chain attacks impacting 690 businesses, and more than 78 million victims.  This trend has no evidence of slowing and demonstrates that adversaries are continuously probing supply chain vulnerabilities. These findings support the case for AI-driven monitoring and anomaly detection, which can shorten dwell time and identify cascading threats earlier.

There is also a rise in cyberattacks that have widespread impacts across multiple organizations, which are often attributed to vulnerabilities imposed by software vendors.  A good example is the “Snowflake” hack – which is a data warehousing platform used by thousands of companies.  Some of these include Ticketmaster, Santander, AAP, Lending Tree, AT&T, Neiman Marcus, Amazon, Capital One, and many others that have consumer credit card information stored.  The lack of a Multi-Factor Authorization (MFA) system was the culprit here.  Hackers were able to access the data warehouse and steal customer credentials.  Any company that was a Snowflake customer was hacked.  Although there is legislation that requires companies to report data breaches, not everyone is willing to do so.  And because there are no real competitors for data warehouse providers other than Snowflake, there is no real alternative.  So, the only path for businesses is to hopefully try to be more careful going forward and put in additional measures.

Figure 1. Supply Chain Attacks by Year (2018–2024) – ITRC

Figure 2. U.S. Entities Impacted by Supply Chain Attacks (2018–2024)

Figure 2 shows the number of US entities that have been impacted according to the Identity Theft Resource Center (ITRC) 2024 Data Breach Report (2025).  Although the number of attacks fluctuates, the number of entities impacted has trended sharply upward, reaching nearly 2,800 in 2023. The reduced number of entities in 2024 is either because of improved cybersecurity efforts, or alternatively, a drop in the number of companies reporting such attacks.  Another relevant fact of note:  69% of all notices did NOT specify the attack vector details.  There is also a domino effect – as a buying company is impacted, the impact could also go upstream or downstream to supply chain partners. 

Suppliers are a major vulnerability for large organizations.  Small and medium sized suppliers may often be targeted as a vehicle for hacking. Target was one such large retailer, whose data was broached.  The operator of nearly 1,800 U.S. stores said the data included a mix of names, mailing addresses, phone numbers and email addresses—information that is semipublic, but which law-enforcement officials said is valued by thieves who could use it to lure victims with fake emails or hack into other accounts.Just before Christmas 2013, thieves broke into its point of sale system and stole credit and debit card data in a hack that went on for two weeks including the crucial Black Friday weekend.  The thieves reached the discounter’s systems by using electronic credentials stolen from a vendor, in this case, a small HVAC maintenance company.  This breach underscores the risks companies face as they operate vast, interconnected business systems, including ones employed by their suppliers.

For this reason, AI-enabled supply chain mapping and risk simulation are increasingly essential for resilience and are discussed in the section on stress testing.

Early Cybersecurity systems were primarily focused on perimeter security, firewalls, and intrusion detection.  Over time, hackers have become more sophisticated, and cybersecurity systems have also had to improve and create additional layers of protection.  Current systems often include behavioral analytics and security event management, while we are also beginning to see systems that are applying AI for threat detection and prevention.

Each one of these systems reflects the progressive development of increased layers of protection for company systems.  A good metaphor for layering cybersecurity is the security used to protect your home.  At a base level, your front and back doors have a lock, preferably a deadbolt.  Some homes also have a chain that can be attached to the door.  Windows also have locks to ensure they can’t be easily opened.  You may also have a security system for the home, with motion detectors, or even possibly external cameras that alert you to a problem.  Finally, you may have a gate that only opens when a pin pad is accurately pressed.  The other option, of course, is to have a dog, which is always a good deterrent against burglars!  In a similar manner, the different layers of cybersecurity shown in Figure 3 show how increased security layering is becoming critical to making it more difficult for hackers to get inside.  Artificial Intelligence is one of the most important new technologies that can be employed for improved cybersecurity, and will be discussed more in this blog.