IT solutions provider Northdoor plc warned that while the guidance is welcome in principle, it fails to offer the proactive, technology-driven support required to protect complex supply chains.
The framework, developed with the Counter Ransomware Initiative, encourages organisations to strengthen defences and limit disruption. However, Northdoor’s Chief Commercial Officer AJ Thompson said it overlooks the difficulty of identifying vulnerabilities buried deep within third- and fourth-party networks.
“Most supply chains are now so large and complex that understanding where vulnerabilities lie within third parties or even further down the line is, for most, an impossible task,” Thompson said. “Government advice is welcome, but it needs to be more proactive — less bland — than what we’ve seen so far.”
The criticism follows an earlier government warning to UK business leaders urging them to strengthen their cyber defences amid a surge in attacks.
In October, ministers including Chancellor Rachel Reeves and Business Secretary Peter Kyle wrote to the heads of FTSE100 and FTSE250 companies, stressing that hostile cyber activity in the UK had become “more intense, frequent and sophisticated.”
The transport and logistics sector has been among the hardest hit.
Hauliers such as KNP Logistics, Owens Group and Eddie Stobart have experienced serious cyber incidents in recent years that disrupted operations and, in some cases, exposed sensitive data.
DSV recently confirmed a data breach linked to a hacker group reportedly targeting logistics firms, while several other European carriers have also faced ransomware-related downtime.
Cyberattacks on logistics networks have intensified over the past two years, disrupting operations at several major freight and haulage firms across Europe. Experts warn that limited visibility into digital supplier ecosystems leaves companies “dangerously exposed,” regardless of how much they spend on frontline defences.
Northdoor argues that AI-driven monitoring tools should replace outdated questionnaire-based assessments, offering real-time visibility of cyber risks across partner networks.
Thompson added that defending modern supply chains requires “a new mindset” — one that matches the sophistication of today’s cybercriminals without necessarily increasing costs.
The warning comes as the UK signs a new UN treaty on countering cybercrime, a move welcomed by Northdoor but seen as insufficient without more practical, technology-enabled measures.
