Securing AI-Driven Supply Chains for Industry 4.0
As we’ve moved through the second half of 2025, I’ve found myself spending a lot more time in the weeds of Industrial Control System threats. Not because it’s trendy, but because the shape of the modern supply chain is changing so quickly it’s hard to ignore. Next-gen automation, AI-driven decisioning, digital twins, and edge compute are turning supply chains into something closer to a nervous system than a chain—signals flowing constantly between software and the physical world.
And that’s the bit that should make any security architect sit up a bit straighter.
Because every time we tighten that feedback loop between cyber and kinetic operations, we don’t just add efficiency. We add dependency. We add complexity. We add new failure modes. A compromise is no longer “data loss and an awkward press release”; it can become misrouted shipments, halted production, safety issues, and real-world disruption at industrial scale.
Why supply chain security isn’t “just IT” anymore
For a long time, supply chain security conversations lived in a familiar IT lane: vendor access, third-party software risk, open source dependencies, patching. All important, but largely digital and largely predictable.
Industry 4.0 changes the rules. AI systems are now making decisions in manufacturing, logistics, and warehousing in real time. IoT sensors and actuators create a constant feedback loop between physical operations and digital platforms. Digital twins model entire factory floors, shipping routes, and inventory positions—and once those twins become decision-support (or decision-making) systems, they stop being “just models” and become part of how the business functions.
The result is a tightly coupled system where cyber risk turns into physical consequence far faster than most organisations are comfortable admitting. The attack surface now stretches from model manipulation and data integrity problems through to OT network compromise, device tampering, and physical sabotage. The line between cyber incident and operational incident is getting thinner by the month.
The threats are getting weird (and very scalable)
The uncomfortable reality is that modern supply chains are exposed on multiple fronts at once, and the attacks aren’t always the classic ones we’re used to dealing with.
Adversarial attacks on machine learning models are one. If you’re using AI for forecasting, anomaly detection, routing, or quality control, your model is only as trustworthy as the data feeding it and the assumptions baked into it. Poison the data, shape the input, and you can push the model into making “reasonable” decisions that just happen to be wrong in exactly the way the attacker wants.
Ransomware hasn’t gone anywhere either, but it’s evolved. The impact isn’t just encrypting files; it’s knocking over systems that production and logistics now depend on, causing real downtime and real cost. When IT and OT are connected—directly or indirectly—an IT incident can turn into an operational outage frighteningly quickly.
Then you’ve got the IoT problem. Weak devices, inconsistent patching, unclear ownership, and a habit of being deployed quickly and forgotten. They’re not just entry points; in many environments they also touch physical reality. When those devices get abused, the effects don’t stay on a dashboard.
And finally, the human layer—because attackers haven’t forgotten that it’s often easier to manipulate a person than to exploit a hardened system. Deepfakes and synthetic impersonation are now credible tools in logistics and procurement fraud. If an attacker can convincingly impersonate a trusted person and get a shipment rerouted or a process changed, you can have a “security incident” with no malware involved at all.
Designing for a cyber-physical supply chain
The architectural challenge here isn’t solved by bolting on another tool. The only approach that holds up is a holistic one that treats IT, OT, and AI as one combined risk landscape, even if they’re managed by different teams with different cultures.
The first thing that matters is visibility. You can’t defend what you can’t see, and in many industrial environments the reality is that asset inventories are either out of date, incomplete, or split across teams. A proper view of “what’s connected to what” is the foundation for everything else—because the riskiest part of cyber-physical environments is usually the unexpected dependency.
Once you’ve got that, segmentation becomes your best friend. Zero Trust ideas still apply, but they need to extend beyond cloud workloads and user identity into device identity, service-to-service access, and the messy reality of OT networks. Microsegmentation—done sensibly—reduces blast radius and turns “one compromised box” into a contained event rather than a cascading failure.
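To make the "what's connected to what" and blast-radius points concrete, here is an added example (not code from the post) that takes a constructed asset inventory and a constructed list of observed flows, computes which assets a compromised host could reach, and shows how much that set shrinks once a zone policy is enforced. Asset names, zones, ports and the allowed zone pairs are all made up for illustration.

```python
from collections import defaultdict, deque

# Constructed asset inventory for illustration: asset name -> network zone.
ASSETS = {
    "erp-app": "it",
    "mes-server": "dmz",
    "hmi-01": "ot",
    "plc-line-1": "ot",
    "plc-line-2": "ot",
    "edge-gw-01": "ot",
    "wh-robot-ctl": "ot",
    "saas-dashboard": "external",
}

# Constructed observed flows (src, dst, dst_port), as you would get from flow logs or
# passive discovery. The erp-app -> wh-robot-ctl flow is the "unexpected dependency".
FLOWS = [
    ("erp-app", "mes-server", 443),
    ("mes-server", "hmi-01", 502),
    ("hmi-01", "plc-line-1", 502),
    ("hmi-01", "plc-line-2", 502),
    ("plc-line-2", "plc-line-1", 502),
    ("edge-gw-01", "plc-line-1", 502),
    ("edge-gw-01", "saas-dashboard", 443),
    ("erp-app", "wh-robot-ctl", 8080),
]

# Zone pairs a flow is allowed to cross (constructed policy). Same-zone traffic is
# always allowed in this simplified model.
ALLOWED_ZONE_PAIRS = {("it", "dmz"), ("dmz", "ot"), ("ot", "external")}


def blast_radius(start, flows):
    """Assets reachable from `start` by following observed flows (breadth-first)."""
    adj = defaultdict(set)
    for src, dst, _port in flows:
        adj[src].add(dst)
    seen, queue = {start}, deque([start])
    while queue:
        node = queue.popleft()
        for nxt in adj[node]:
            if nxt not in seen:
                seen.add(nxt)
                queue.append(nxt)
    seen.discard(start)
    return seen


def zone_violations(flows, assets=ASSETS, allowed=ALLOWED_ZONE_PAIRS):
    """Flows that cross zones in a way the segmentation policy does not permit."""
    return [
        (src, dst, port)
        for src, dst, port in flows
        if assets[src] != assets[dst] and (assets[src], assets[dst]) not in allowed
    ]


def apply_segmentation(flows, assets=ASSETS, allowed=ALLOWED_ZONE_PAIRS):
    """The flow graph that would remain once the zone policy is enforced."""
    blocked = set(zone_violations(flows, assets, allowed))
    return [f for f in flows if f not in blocked]


if __name__ == "__main__":
    print("policy violations:", zone_violations(FLOWS))
    print("erp-app blast radius before:", sorted(blast_radius("erp-app", FLOWS)))
    print("erp-app blast radius after: ", sorted(blast_radius("erp-app", apply_segmentation(FLOWS))))
```

The interesting output is not the list of violations but the difference in reachable sets: a single disallowed IT-to-OT flow is what turns "ERP box compromised" into "robot controller reachable". Running the same check against a live inventory, rather than this constructed one, is the visibility step the text describes.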
AI also needs to be treated as a first-class architectural component. Threat model the models. Threat model the data pipelines. Threat model the digital twin, especially if it influences real-world decisions. Build in continuous robustness testing, data integrity checks, and monitoring that can tell you when the model’s behaviour has drifted into something suspicious. If the model is making decisions that affect safety or major operational cost, you need guardrails and the ability to fall back to safe modes when confidence drops.
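The guardrail idea above, as an added example that is not part of the original post: a wrapper around a model call that refuses to act when inputs fall outside the envelope the model was trained on, escalates to a person when confidence is low, and otherwise lets the decision through. The per-feature training statistics, the thresholds and the toy reorder model are all constructed for illustration; a real deployment would load the statistics recorded alongside the model version.

```python
from dataclasses import dataclass
from typing import Callable, Optional

# Constructed per-feature (mean, std) from the training window. In practice these are
# produced by the training pipeline and stored with the model version they belong to.
TRAIN_STATS = {
    "demand_units": (1000.0, 120.0),
    "lead_days": (5.0, 1.5),
}


@dataclass
class Decision:
    mode: str              # "auto", "human_review" or "safe_mode"
    reason: str
    value: Optional[float]


def drift_zscores(features, stats=TRAIN_STATS):
    """How many training-window standard deviations each input sits from its mean."""
    return {k: abs(features[k] - mu) / sd for k, (mu, sd) in stats.items() if k in features}


def guarded_decide(features, predict: Callable[[dict], tuple[float, float]],
                   *, min_confidence=0.8, max_z=4.0, stats=TRAIN_STATS) -> Decision:
    """Run the model only when its inputs are inside the envelope it was trained on,
    and act on the output only when the model reports enough confidence."""
    missing = [k for k in stats if k not in features]
    if missing:
        return Decision("safe_mode", f"missing inputs: {missing}", None)
    z = drift_zscores(features, stats)
    worst = max(z, key=z.get)
    if z[worst] > max_z:
        return Decision("safe_mode", f"input {worst} is {z[worst]:.1f} sd from its training mean", None)
    value, confidence = predict(features)
    if confidence < min_confidence:
        return Decision("human_review", f"model confidence {confidence:.2f} below {min_confidence}", value)
    return Decision("auto", "inputs in envelope, model confident", value)


def toy_reorder_model(features):
    """Stand-in predictor (hypothetical): reorder quantity plus a confidence that
    falls as lead time grows. Any real model just needs to return (value, confidence)."""
    qty = features["demand_units"] * features["lead_days"] / 7.0
    confidence = max(0.0, 1.0 - 0.03 * features["lead_days"])
    return qty, confidence


if __name__ == "__main__":
    for sample in (
        {"demand_units": 1050.0, "lead_days": 5.0},   # normal day
        {"demand_units": 1050.0, "lead_days": 9.0},   # plausible but the model is unsure
        {"demand_units": 9000.0, "lead_days": 5.0},   # far outside anything seen in training
        {"demand_units": 1050.0},                     # a sensor feed went missing
    ):
        print(sample, "->", guarded_decide(sample, toy_reorder_model))
```

The order of the checks is deliberate: input-envelope and integrity checks come before the model is even called, because a poisoned or drifted input can produce a confident-looking output. The safe-mode branch returns no value at all, which is the point; the caller must have a non-model fallback (a fixed reorder policy, a manual queue) ready for it.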
And threat modelling has to expand beyond your boundary. Supplier risk, third-party data flows, upstream dependencies, and the “weak links” in logistics and operations need to be part of the picture. Hardware compromise, model theft, deepfake manipulation, physical sabotage, and cloud misconfiguration all belong in the same conversation because, in practice, they can land you in the same outage.
Response and resilience: speed matters
The operational reality of supply chain incidents is that you often don’t get to “take your time”. When a single compromise can halt shipments or production, the response needs to be coordinated and fast, spanning cyber, physical operations, and the business.
That means response playbooks that are genuinely cross-domain. It also means rehearsing them. Tabletop exercises that include kinetic consequences aren’t theatre; they’re one of the few ways to discover your assumptions are wrong before you pay for them in production.
Automation helps, but it needs to be applied carefully. Quarantining a compromised IoT segment, rotating credentials, isolating access paths, rolling back to known-good model versions—these are the types of actions that can make the difference between “contained disruption” and “global headache”. The key is that the automation has to be designed with safety in mind. In OT environments, the wrong automated action can cause as much disruption as the attacker.
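As an added example of "automation designed with safety in mind" (not code from the post), this small planner takes the response actions the text lists, quarantining an IoT segment, rotating credentials, rolling back a model, and sorts them into three bins: run unattended, hold for human approval because the target is safety-critical, or reject because the action is not on the allow-list or there is no attested known-good version to roll back to. The allow-list, target names and model versions are constructed for illustration.

```python
from dataclasses import dataclass, field


@dataclass(frozen=True)
class Target:
    name: str
    kind: str                     # "iot_segment", "service_account" or "model"
    safety_critical: bool = False


@dataclass
class ResponsePlan:
    executed: list = field(default_factory=list)
    needs_approval: list = field(default_factory=list)
    rejected: list = field(default_factory=list)


# Constructed policy: the (target kind, action) pairs judged reversible enough to run
# without a human in the loop. Anything not listed here is refused outright.
UNATTENDED_OK = {
    ("iot_segment", "quarantine"),
    ("service_account", "rotate_credentials"),
    ("model", "rollback"),
}


def plan_response(requested, known_good_models):
    """Sort requested (target, action) pairs into run-now, wait-for-approval and rejected.
    `known_good_models` maps a model name to the attested version it may roll back to."""
    plan = ResponsePlan()
    for target, action in requested:
        if (target.kind, action) not in UNATTENDED_OK:
            plan.rejected.append((target.name, action, "not on the unattended allow-list"))
        elif action == "rollback" and target.name not in known_good_models:
            plan.rejected.append((target.name, action, "no attested known-good version"))
        elif target.safety_critical:
            plan.needs_approval.append((target.name, action, "safety-critical target"))
        elif action == "rollback":
            plan.executed.append((target.name, f"rollback to {known_good_models[target.name]}"))
        else:
            plan.executed.append((target.name, action))
    return plan


def demo_plan():
    """Constructed incident: a warehouse sensor VLAN and a line-side safety network look
    compromised, an API account may be exposed, and two models are suspected of drift."""
    requested = [
        (Target("wh-sensors-vlan40", "iot_segment"), "quarantine"),
        (Target("line1-safety-plc-net", "iot_segment", safety_critical=True), "quarantine"),
        (Target("line1-safety-plc-net", "iot_segment", safety_critical=True), "power_off"),
        (Target("svc-mes-api", "service_account"), "rotate_credentials"),
        (Target("demand-forecaster", "model"), "rollback"),
        (Target("routing-optimiser", "model"), "rollback"),
    ]
    known_good = {"demand-forecaster": "v3.2"}   # hypothetical attested version
    return plan_response(requested, known_good)


if __name__ == "__main__":
    plan = demo_plan()
    print("run now:       ", plan.executed)
    print("needs approval:", plan.needs_approval)
    print("rejected:      ", plan.rejected)
```

The planner never touches the safety-critical network on its own, even for an action that is allowed elsewhere, and it will not "roll back" to a version nobody has attested as good. Both are the kinds of automated moves that, in an OT environment, can do the attacker's job for them.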
OT reality: sometimes the fix is embarrassingly simple
One of the biggest misconceptions people bring into this space is assuming the tech is modern just because the business is modern. OT environments are often a patchwork of old and new, and some kit behaves in ways that would make a modern software engineer wince.
I’ve worked with organisations where a simple network probe to a specific port would trigger an ICS device to fail over, then fail back, then loop itself into a state that impacted the business. No malware. No exploit chain. Just brittle behaviour meeting a flat network.
In that case, the mitigation was as unglamorous as it was effective: a firewall rule and proper VLAN separation so that port was only reachable from where it needed to be. It’s a good reminder that in industrial security, “boring network hygiene” often beats clever tooling.
Building a supply chain that can take a hit
If there’s a practical starting point, it’s to map the interconnections and keep the documentation alive. Warehouse robots, edge gateways, SaaS dashboards, partner data feeds—if you don’t understand the relationships, you can’t understand the failure modes. Then you bring in threat intelligence, but you don’t treat it like a feed you subscribe to and forget. You translate it into “where do we use this tech, how could it be abused here, and what would that do to operations?”
Vendor transparency matters too, and it needs to go beyond a checkbox exercise. SBOMs help, but so does clarity on how software is updated and how dependencies are managed over time. The initial onboarding risk assessment often looks reasonable, then the product updates quietly and the risk profile shifts without anyone re-evaluating it.
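One way to catch the "product updates quietly and the risk profile shifts" problem, as an added example rather than anything from the post: keep the SBOM captured at onboarding, diff it against the SBOM shipped with each update, and flag the components that warrant a fresh review. The two SBOM fragments below are constructed CycloneDX-style documents with made-up component names and versions; the watchlist is likewise an illustrative assumption.

```python
# Constructed CycloneDX-style SBOM fragments: one captured at vendor onboarding and
# one shipped with a later product update. Component names and versions are made up.
ONBOARDING_SBOM = {
    "bomFormat": "CycloneDX",
    "components": [
        {"name": "openssl", "version": "3.0.8"},
        {"name": "libmodbus", "version": "3.1.6"},
        {"name": "paho-mqtt", "version": "1.6.1"},
        {"name": "log4j-core", "version": "2.20.0"},
    ],
}
CURRENT_SBOM = {
    "bomFormat": "CycloneDX",
    "components": [
        {"name": "openssl", "version": "3.0.8"},
        {"name": "libmodbus", "version": "3.1.10"},
        {"name": "paho-mqtt", "version": "1.6.1"},
        {"name": "remote-support-agent", "version": "0.9.0"},
    ],
}

# Constructed watchlist: components whose change should reopen the risk assessment
# (network-facing protocol stacks, crypto, anything that grants remote access).
WATCHLIST = {"openssl", "libmodbus", "remote-support-agent"}


def index_components(sbom):
    """Map component name -> version from a CycloneDX-style 'components' list."""
    return {c["name"]: c["version"] for c in sbom.get("components", [])}


def sbom_drift(baseline, current):
    """What appeared, disappeared or changed version between two SBOMs."""
    base, cur = index_components(baseline), index_components(current)
    return {
        "added": sorted(set(cur) - set(base)),
        "removed": sorted(set(base) - set(cur)),
        "changed": sorted((n, base[n], cur[n]) for n in set(base) & set(cur) if base[n] != cur[n]),
    }


def reassessment_triggers(drift, watchlist=WATCHLIST):
    """Components that are new or changed and sit on the watchlist, i.e. the ones
    that should send the product back through the onboarding risk assessment."""
    touched = set(drift["added"]) | {name for name, _, _ in drift["changed"]}
    return sorted(touched & watchlist)


if __name__ == "__main__":
    drift = sbom_drift(ONBOARDING_SBOM, CURRENT_SBOM)
    print("drift:", drift)
    print("re-assess because of:", reassessment_triggers(drift))
```

The removal is reported too, because a dependency vanishing can mean a feature moved somewhere less visible just as easily as it can mean a clean-up. The check is cheap enough to run on every vendor release, which is what turns the onboarding assessment from a one-off into something that tracks the product over time.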
Finally, the best long-term control is culture: cross-domain expertise and regular collaboration between security, operations, and data teams. Security champions outside the security function can be incredibly effective here, because the best time to fix these issues is during design, not after the first big outage.
The future of secure supply chains isn’t purely cyber or purely physical. It lives at the intersection, in the messy seam where data becomes decisions and decisions become real-world actions. Good security architecture has to reflect that reality, or it won’t survive contact with it.
