IASME is the sole delivery partner for the UK Government’s Cyber Essentials scheme, working with over 900 cybersecurity experts across the UK to improve resilience against cyber threats. As the CEO of IASME, Dr Emma Philpott MBE is at the forefront of these efforts, helping businesses of all sizes strengthen their cybersecurity.

Dr Philpott will bring her unique perspectives and insights from the cutting edge of cybersecurity to IMHX, when she leads a presentation titled ‘Demystifying cybersecurity: a practical guide to protecting your warehouse’. Ahead of her appearance on the conference stage, she spoke about the latest trends and challenges in the fight against cybercrime.

Strengthening the weakest links

Today’s interconnected digital supply chains offer many opportunities for logistics businesses – but they also offer opportunities for criminals, too.

“Supply chains are a prime target for cyber criminals, who often exploit the weakest link to gain access to larger organisations,” Dr Philpott explains. “Even if a company has strong cybersecurity measures in place, attackers may infiltrate through a less secure third-party supplier. This makes it critical for businesses to view supply chain security as a shared responsibility.

“One proven approach is to require suppliers to meet specific cybersecurity standards, such as obtaining Cyber Essentials certification. This ensures a minimum level of protection across the entire supply chain, reducing vulnerabilities and strengthening collective resilience. You may want to ask some of your most important suppliers for additional cybersecurity measures but asking all suppliers for Cyber Essentials as standard is an affordable and achievable requirement for even the smallest organisations.”

Support is available to help businesses protect themselves and their partners.

“The UK Government and the National Cyber Security Centre (NCSC) have developed frameworks like the Cyber Assessment Framework (CAF) and Cyber Essentials,” Dr Philpott says. “These guidelines provide clear, actionable steps to improve cybersecurity.

“Cyber Essentials, for example, focuses on five key technical controls that mitigate the majority of common cyber threats. Certification not only helps businesses protect themselves but also reassures partners and customers that they take security seriously. It’s a practical, affordable way to embed cyber resilience into supply chain operations.”

Staying one step ahead of cybercriminals

Cybersecurity is not static – it is a continually evolving arms race between the law and the criminals. New smart devices and IoT technology can transform warehouse operations and bring many security benefits – but they can also bring risks.

“Poorly secured devices can serve as entry points for hackers, potentially compromising entire systems. To mitigate these risks, businesses should ensure devices are regularly updated, use strong passwords and multi-factor authentication (MFA), and segment networks to limit access,” Dr Philpott advises. “By taking these steps, companies can enjoy the benefits of connected technology without exposing themselves to unnecessary risks.”

Given the critical role logistics companies play in keeping the global supply chain moving – and the far-reaching consequences that occur should they fail to do so – ransomware is high on this list of risks.

“Logistics companies are attractive targets for ransomware attacks,” adds Dr Philpott. “To defend against such attacks, businesses should adopt a multi-layered approach. Regularly backing up data and storing it offline ensures operations can be restored without paying a ransom. Implementing robust access controls, multi-factor authentication, and network segmentation means that if someone does click on a malicious link in a phishing email, the attack can either not progress, or the effect will be limited.”

Education is key

Given that the cybersecurity landscape can change dramatically day-to-day, the most valuable thing a company can do is ensure its staff are continually trained on the latest threats. As Dr Philpott explains, this does not need to be a complicated process.

“Start with short, practical sessions that teach basic cyber hygiene, such as not using the same username and password on different accounts and being suspicious of unexpected emails asking for urgent action.

“Tailor training to specific roles – for example, teach warehouse staff how to secure IoT devices or drivers how to protect mobile systems. Encourage a culture of openness where employees feel comfortable reporting suspicious activity without fear of blame.

By empowering staff to see themselves as part of the company’s cyber defence, businesses can turn potential vulnerabilities into strengths.”

This is particularly important when integrating new technological systems and solutions into a logistics operation. But adopting new technology doesn’t have to come at the expense of security.

Before implementing a new system, Dr Philpott says, “conduct a risk assessment to identify potential vulnerabilities. Work only with vendors who can demonstrate that they prioritise security, and ensure new technology integrates seamlessly with existing cybersecurity measures. Regular updates and system monitoring are essential to stay ahead of emerging threats. By embedding security into the adoption process, businesses can innovate confidently while safeguarding their operations.”

Dr Philpott will share more insights from the cutting edge of cybersecurity in what promises to be an unmissable presentation at IMHX 2025.

Attendees to the event, held from 9-11 September at NEC Birmingham, can register for a free ticket now at www.imhx.net.