While enterprise leaders scramble to fend off ever-evolving cyber threats, a new report from CrowdStrike shows why business leaders need to be more precious about their supply chain.
According to the report, 90% of respondents admitted to incurring a financial cost after experiencing a software supply chain attack. The average cost of an attack like this is just over $1.1 million dollars.
Furthermore, 80% of respondents believe software supply chain attacks have the potential to become one of the biggest cyber threats over the next three years.
The findings show that companies admit to being unprepared in their defence against supply chain attacks, citing a lack of visibility, tools, and technologies as a root cause for this admission.
While 90% agree that security is a critical factor when making purchasing decisions surrounding new suppliers, only 37% of respondents in the US, UK and Singapore said that their organisation would be willing to vet all of them.
On top of this, only a quarter of respondents believe with certainty that their organisation will increase its supply chain resilience in the future.
The report found that some of the key hurdles holding organisations back from developing a robust protection strategy include; a lack of comprehensive security vetting practices for suppliers and third-parties, as well as slow detection and response to threats.
Respondents, on average, take close to 63 hours to detect and react to a software supply chain attack
CrowdStrike’s vice president of product marketing, Dan Larson, argued that organisations should invest in prevention, detection and response technologies.
In a release, Larson said: “It’s clear that supply chain attacks are becoming a business-critical issue, impacting topline relationships with partners and suppliers but organisations largely lack the knowledge, tools, and technology to be protected.”
“Knowledge gaps and the lack of established standards to prevent complex supply chain attacks are putting organisations at risk from a financial, reputational, and operational perspective.”
Nominations are now open for the Women in IT Awards Ireland and Women in IT Awards Silicon Valley. Nominate yourself, a colleague or someone in your network now! The Women in IT Awards Series – organised by Information Age – aims to tackle this issue and redress the gender imbalance, by showcasing the achievements of women in the sector and identifying new role models