As supply chains tend to get smarter, the increasing use of IoT automation increase the intersection between the cyber and physical worlds, making these supply chains more vulnerable to cyberattacks. This introduces increasing financial risks in the event of even small disruptions, especially as their efficiency and/or complexity increases. These risks grow exponentially, as even enterprises with highly secure supply chains are not protected against the knock-on effects of failures in their suppliers' supply chains. To face this risk, cybersecurity is not enough; companies must invest in resilience (redundancy, possibility to revert to manual operation and/or isolate critical systems when needed, hold larger stock volumes, etc.) and can mandate suppliers to prioritise security and resilience to purchase from them. The EU is addressing this issue with the NIS2 Directive.