Article
Cyber Security

BluVoyant: Supply chain cybersecurity breaches on the rise

By Sam Steers
October 12, 2021
undefined mins
Share
A recent annual global survey by cybersecurity company BluVoyant has revealed a rise in the number of supply chain-related cybersecurity breaches

BlueVoyant, a cybersecurity company, today released the findings of its second annual global survey into third-party cyber risk management. The study reveals that 97% of firms surveyed have been negatively impacted by a cybersecurity breach that occurred in their supply chain. According to the research, 93% of surveyees admitted that they have suffered a direct cybersecurity breach because of weaknesses in their supply chain and the average number of breaches experienced in the last 12 months grew from 2.7 in 2020 to 3.7 in 2021 – a 37% year-over-year increase.

The study was conducted by independent research organisation, Opinion Matters, and recorded the views and experiences of 1,200 CIOs, CISOs, and Chief Procurement Officers in organizations with more than 1,000 employees across a range of industries including business services, financial services, healthcare, and pharmaceutical, manufacturing, utilities and energy, and defense. It covered six countries: U.S., Canada, Germany, The Netherlands, the United Kingdom, and Singapore.

Breaches still high despite rising awareness 

Adam Bixler, Global Head of Third-Party Cyber Risk Management, BlueVoyant, said: "Even though we are seeing rising awareness around the issue, breaches and the resulting negative impact are still staggeringly high, while the prevalence of continuous monitoring remains concerningly low. Third-party cyber risk can only become a strategic priority through clear and frequent briefings to the senior executive team and the board.

"Budget increases demonstrate that firms are recognising the need to invest in cybersecurity and vendor risk management. However, the wide, yet consistent array of pain points suggests that this investment is not as effective as it needs to be. This, tied to the lack of visibility, monitoring and senior-level reporting, underscores a need for further improvement when approaching third-party cyber risk, in order to reduce the exposure of data before attackers take advantage of this,” he added. 

Other key survey findings include:

- Only 13% of companies said that third-party cyber risk was NOT a priority, a drop compared to last year when 31% of companies said that supply chain and third-party cyber risk was not on their radar.

- 38% of respondents said that they had no way of knowing when or if an issue arises with a third-party supplier's cybersecurity, compared to 31% last year.

- 91% say that budget for third-party cyber risk management is increasing in 2021, compared to 91% who said this in 2020.

 

BluVoyantCybersecuritysupplychainbreaches
Share
Latest

Digital Magazine

Read Now
Read the latest Digital Magazine today!

Featured Articles

Cisco Talos: Tracking Ransomware’s 35 Year Evolution

Martin Lee, Technical Lead for Security Research, Cisco Talos highlights how the ransomware landscape has shifted across the last 35 years

Resilience: Firms Fail to Grasp Cyber Financial Impact

Resilience and YouGov survey reveals 74% of mid to large UK businesses face cybercrime, while ransomware understanding lags behind data breach concerns

SonicWall and CrowdStrike Unite for SMB Security Service

SonicWall partners with endpoint protection specialist CrowdStrike to offer managed detection and response capabilities through managed service providers

FS-ISAC CISO Talks Cyber Strategies for Financial Providers

Cyber Security

Darktrace Reports 692% Surge in Black Friday Cyber Scams

Cyber Security

KnowBe4 Launches AI Agents to Counter Phishing Threats

Technology & AI