The supply chain has garnered a lot of conversation over the past couple of years, and that conversation is ramping up as blockchain begins to play a major role in the supply chain infrastructure, especially in terms of security. As CyberArk Labs head security researcher, Lavi Lazarovitz, said in an email comment:
Blockchain will transform the supply chain in 2019. Following allegations of nation-states targeting the supply chain at the chip level to embed backdoors into both B2B and consumer technologies, organizations will embrace blockchain to secure their supply chains. The distributed nature of blockchain makes it well suited to validate every step in the supply chain – including the authenticity of hardware and software.
Blockchain as a way to improve supply chain security is a major prediction for the coming year, because I’ve seen a lot of commentary surrounding cybersecurity and the supply chain, a lot more than I’ve ever seen in the past. Lazarovitz also pointed out that we should expect to see increased attacks on the supply chain, which is why the need for blockchain to transform its security is vital.
Another reason to believe that supply chain security will take on greater urgency in 2019 – NIST developed a new framework focusing specifically on supply chain security. A Bitsight blog post explained:
The framework recommends that organizations identify the most high risk suppliers, incorporate cybersecurity into contracts with those suppliers, and regularly assess and monitor the cybersecurity posture of those suppliers.
Cybercriminals are more frequently using those third parties as a way to get to a bigger prize, according to Maxim Frolov, managing director of Kaspersky Lab North America, but those smaller companies that were hit with supply chain cyberattacks were just as adversely affected. Frolov offered this bit of predictive advice in an email comment:
While both software and hardware supply chain attacks are already a reality, we believe to see more of them in the future — and organizations will need to come up with new approaches, including more strict requirements for service providers, hardware and software makers to reduce the risks.
There have always been concerns with third-party suppliers and cybersecurity, but as they become a more integral part of organizations and technology advances, expect criminals to take more advantage than ever of supply chain weaknesses. It will be interesting in another 12 months to look back and see if blockchain really does supply the security answer for supply chain protection.
Sue Marquette Poremba has been writing about network security since 2008. In addition to her coverage of security issues for IT Business Edge, her security articles have been published at various sites such as Forbes, Midsize Insider and Tom's Guide. You can reach Sue via Twitter: @sueporemba