.png){kind=logo}
As global supply chains grow more digitally interconnected, they also become more vulnerable. What was once a physical challenge, moving goods safely across borders has become equally a digital one. From ransomware attacks on port management systems to compromised tracking infrastructure, the cybersecurity stakes in logistics have never been higher.
In a recent episode of the Analytics Insight podcast, host Priya Dialani spoke with Mihirr Thaker, Chief Information Security Officer (CISO) & Data Protection Officer (DPO) at Allcargo Group, to understand how one of the world's leading logistics players is tackling these challenges head-on. The conversation spans cyber risk management, the anatomy of supply chain vulnerabilities and the role of AI in threat defense. Mihirr also talked about what true cyber resilience looks like in a complex, multi-partner ecosystem.
Here are the excerpts from the interview:
Allcargo Group is a global logistics player and supply chain solution provider operating in a multimodal framework; delivering cargo through air, surface, and water. Beyond transportation, the company runs container freight stations and warehouses, and develops infrastructure that supports both global and local supply chain systems.
As CISO and DPO, the role spans the full spectrum of digital information asset protection across Allcargo's global operations. This includes driving cybersecurity and cyber defense strategies, managing compliance obligations, and overseeing the systems that monitor day-to-day operations.
Mihirr brings over 25 years of professional experience to this role, with the last two decades focused specifically on information security, business continuity, risk management, and data privacy. His credentials include the CISA certification from ISACA, the Cybersecurity Nexus Professional Certification, and he is currently pursuing a PhD with a research focus on Cybersecurity Education.
The logistics ecosystem is not a single system. It is a complex web of interconnected subsystems. When a shipment moves from point A to point B, it passes through multiple partner networks, transaction management systems, financial platforms, and real-time data interfaces. Each connection point is a potential vulnerability.
The primary cyber risks across this ecosystem fall into three broad categories: unauthorized access, system outages caused by malicious code, and the unavailability of systems needed to conduct business. These map directly to the foundational security principles of confidentiality, integrity, and availability.
What makes today's environment particularly challenging is the combination of geopolitical instability and the growing focus of threat actors on critical infrastructure. Attacks are materializing in real time, which means organizations cannot afford to simply detect threats after the fact. They must be equipped to identify, respond to, and recover from incidents as they unfold.
The proliferation of internet-connected systems has also dramatically expanded the attack surface. Applications no longer live only in enterprise data centers, they run on mobile devices and cloud platforms. Every IP-enabled device, whether it's a shipment tracking tool, a cargo sorting system, or a partner API, represents a node that must be identified, assessed, and protected.
Supply chain cybersecurity is far broader than protecting internal systems. For a logistics business, the supply chain includes physical partners as well as the technology components such as APIs, EDI integrations, connected tracking systems, and sorting infrastructure.
Every partner connection that carries an IP address is subject to the same security principles as internal systems. This means that the security posture of an organization is only as strong as the weakest link across its entire partner network.
The structured approach to managing this involves identifying critical assets, implementing appropriate controls, performing periodic compliance checks to verify those controls are functioning as intended, and having a defined response and recovery mechanism for incidents. This framework, often described as an Information Security Management System is not a one-time exercise but a continuous operational discipline.
Resilience, in this context, is more than disaster recovery. It is the organizational capacity to absorb, respond to, and recover from cyber incidents without suffering catastrophic disruption to operations or business continuity.
Building that capacity starts with regular and rigorous risk and vulnerability assessments. The analogy is instructive: just as the human immune system cannot control external threats, it can be strengthened internally to better withstand them. Similarly, organizations must focus on two key parameters, reducing exposure and improving posture.
Reducing exposure means identifying which assets are most prone to particular risks and applying targeted treatment plans, supported by a clear cost-benefit analysis of potential impact versus mitigation investment. Improving posture means testing how well your systems can withstand an attack, through penetration tests, red team exercises, and other proactive activities.
Critically, resilience must become muscle memory, not a checklist. This requires regular tabletop exercises, operational recovery drills, and governance mechanisms that support real-time monitoring rather than point-in-time checks. Being reactive is no longer sufficient, the goal is to be proactive, with systems and teams that can act before incidents escalate.
AI has already become a foundational element of modern cybersecurity often in ways that organizations may not fully recognize. Its roots in machine learning and data science, now enhanced by large language model-style intelligence, make it particularly powerful for identifying anomalies at speed and scale.
The core principle is straightforward: you cannot have humans respond to machine-speed attacks. Defending against AI-enabled threats requires AI-enabled defenses. In this context, AI is not a risk to be managed, it is an active ally. It enables anomaly detection, accelerates response times, and helps security teams move from being gatekeepers to being guardrails embedded in everyday operations.
However, it is equally important to focus not only on AI for security, but on the security of AI itself. AI systems, like any other technology asset, must be subject to appropriate policies, controls, compliance checks, and periodic audits. The Plan-Do-Check-Act cycle applies to AI deployments just as it does to any other element of an information security management system.
The continuous improvement loop, assess, implement, test, refine is what separates organizations that use AI effectively from those that simply deploy it and hope for the best.
