With supply chain cyberattacks increasing at an alarming rate, how are companies preparing for the attacks and dealing with the effects after they are victimized? Probably not as well as they should. Research from cybersecurity company BlueVoyant showed just how much companies are struggling to deal with these supply chain cyberattacks. The research, detailed in a recent study conducted by Opinion Matters and overseen by BlueVoyant, was the second global survey into how companies are handling third-party cyber-risks. The study polled over 1,200 high-ranking technology executives in a variety of industries in six countries: the U.S., Canada, Germany, The Netherlands, the United Kingdom, and Singapore.
The key takeaways from the study, according to BlueVoyant, specifically relate to supply chain cyberattacks and their after-effects. BlueVoyant found that “97% of firms surveyed have been negatively impacted by a cybersecurity breach that occurred in their supply chain.” Additionally, 93 percent of the CIOs, CISOs, and chief procurement officers said that “they have suffered a direct cybersecurity breach because of weaknesses in their supply chain.” In total, the study showed that supply chain cyberattacks rose 37 percent, going from 2.7 average monthly breaches per company in 2020 to 3.7 in 2021.
Adam Bixler, BlueVoyant’s global head of third-party cyber-risk management, said this about the study:
Even though we are seeing rising awareness around the issue, breaches and the resulting negative impact are still staggeringly high, while the prevalence of continuous monitoring remains concerningly low. Third-party cyber risk can only become a strategic priority through clear and frequent briefings to the senior executive team and the board.
Additionally, Jim Rosenthal, CEO of BlueVoyant, gave his thoughts on the study:
Auditing or sending questionnaires to your supply chain is important, but not sufficient, to stay ahead of agile, persistent attackers. Continuous monitoring and quick action against newly discovered critical vulnerabilities is an essential element for effective third-party risk management.
In short, the key takeaway from the study is that supply chains are seeing an all-time high of assault from cybercriminals. It is an issue that will continue to skyrocket, most likely in the years to come. This is the case with any successful form of cyberattack. Cybercriminals only abandon their chosen attack methodology if it is no longer worth it.
Featured Image: Shutterstock