Tariffs—or even the threat of escalating tariffs—can trigger fluctuations in supply and demand, negatively impact supply chains, and lead to trade disruptions. These factors are forcing companies to reassess their trade relationships, prompting them to consider reshoring or nearshoring strategies.FriendshoreOutsource or switch to a new supplier.

However, these choices often inadvertently introduce new vulnerabilities, which, in addition to posing cost and logistical challenges, could also lead to serious safety risks.In the National Association of Manufacturing's Q1 2025 Outlook Survey,Nearly three-quarters (73%) of businessesIt stated that trade uncertainties, such as tariffs and negotiations, are its primary business challenges.

How Tariffs Impact Supply Chains

Tariffs directly drive up raw material costs, forcing companies to reassess their procurement strategies.A supply chain route originally established for speed and cost optimization could suddenly become unviable overnight. To avoid high tariffs, companies sometimes have to reroute through low-tax regions, which not only extends shipping times and increases logistics costs but also drives up overall business operating expenses.

To avoid over-reliance on a single region or supplier,Many companies have hastily onboarded new suppliers without conducting thorough reviews, in order toAt the same time, bypassing security reviews becomes easier. In this decentralized supply chain structure, with numerous suppliers and relatively low security standards, it’s far more vulnerable to disruptions and threats.Newly introduced suppliers or logistics providers have also created additional potential entry points for attacks, increasing the risk of data breaches.

Some companies are turning to local suppliers instead, in an effort to avoid import costs. While this may streamline logistics, it also means they’re becoming more dependent on those suppliers. If these local vendors encounter safety issues or face supply shortages, it could lead to a "single point of failure."

Another risk stems from the unpredictability of global trade, prompting companies to reconsider their long-term investments.To prepare for unexpected events, companies tend to invest their funds in emergency procurement and resource reallocation—rather than in long-term infrastructure development or critical security upgrades—leaving behind unaddressed vulnerabilities.

Cybersecurity Challenges in the Trade War

The intertwining of trade disruptions and cybersecurity threats is becoming increasingly evident. Here are some key cybersecurity challenges posed by tariff changes:

A third-party vulnerability is being exploited by attackers.：To meet tariff deadlines, companies may not conduct the same level of scrutiny on new suppliers as they would with traditional partners. To accommodate higher production demands,Second-tier suppliers, often thrust into critical roles on short notice, frequently lack robust security safeguards, making them a weak link in the entire supply chain. Attackers deliberately bypass well-protected core enterprises and instead target these smaller, more vulnerable suppliers. Additionally, the absence of dedicated security teams and effective incident-response mechanisms within the supplier network can further delay recovery efforts, leading to production delays and significant financial losses.

Digital fraud surges:In the first quarter of 2025, there were at least301 unitsMalicious domain registrations linked to the tariffs have been identified, coinciding with the timing of the announcement of the new U.S. tariffs.This indicates that attackers are taking full advantage of the chaos caused by policy changes to ramp up their fraudulent activities. Leveraging generative AI, they’re forging invoices to target small and medium-sized enterprises. Victims receive bills that appear to come from "trusted suppliers," claiming additional charges for goods transportation due to recent tariff adjustments.

Geopolitical Tensions:Regions affected by the tariffs are exploring alternative retaliation strategies, therebyLeading to geopolitical friction and manifesting as state-level cyber espionage.The cyberattack targeting U.S. telecom companies, namely…"Salt Typhoon"(and its relatedHacker attack), this serves as an example of how heightened trade tensions—particularly in response to tariffs and economic sanctions—have led to a rise in cyber espionage activities targeting the United States.

Compliance Risk Escalation:When companies shift their operations to new countries or regions, they must navigate diverse regulatory landscapes. Data privacy laws vary significantly across the globe, affecting encryption standards, data storage methods, and access control mechanisms—making it increasingly challenging for businesses to align their cybersecurity policies effectively.

Network Resilience in International Supply Chains

Companies can enhance network resilience in their supply chains by adopting the following approaches:

Deploying a Zero Trust Strategy:By implementing a zero-trust model, unauthorized access from potentially compromised vendors is prevented. This model continuously authenticates all third-party suppliers, ensuring they have the necessary permissions to access core systems. It is especially effective in safeguarding against internal threats and credential leaks.

Implement robust access control:By enforcing least-privilege access, restrict vendor access to only the systems and data necessary, thereby minimizing the supply chain's attack surface. Additionally, isolate the supply chain network through network microsegmentation to prevent threats from spreading laterally.

Enable real-time threat intelligence: Companies must leverage AI-powered predictive analytics and threat intelligence sources to identify signs of misconduct within their supplier networks, preventing such issues from escalating into major breaches. Deploy AI-driven threat detection systems,Real-time monitoring and tagging of potential anomalies in the supplier networkand proactively investigate suspicious supplier activities.

Training Supply Chain Partners: Most cyberattacks target untrained employees within supplier networks. Cybersecurity awareness training can significantly reduce human-induced security risks in the supply chain. Conducting targeted phishing awareness training that simulates real-world attack scenarios helps suppliers recognize fake emails and malicious links.

Establish and improve a robust emergency response mechanism.：DeploymentThe automated recovery system automatically redirects workloads to backup infrastructure, enabling rapid restoration and minimizing downtime after an incident occurs. Simulated training exercises are conducted to validate and strengthen resilience against scenarios such as vendor breaches and system intrusions.

The new round of tariff policies is profoundly reshaping the global trade landscape, a shift that is closely linked to cybersecurity concerns.Closely interconnected, becauseToday, more and more multinational corporations are being affected by cyber incidents involving their partners, as network attacks in supply chains become increasingly frequent—and their impact is growing ever more profound.

In such a volatile trade environment, global supply chains must possess robust network resilience—crucially backed by rapid response and recovery capabilities—to ensure that critical business operations can remain uninterrupted, even in the face of attacks.