Almost all enterprises connected to a supply chain breach

The interconnected nature of modern business means that a vulnerability in one part of the supply chain can have far-reaching consequences. New research from SecurityScorecard and The Cyentia Institute identified 99 percent of Global 2000 companies are directly connected to vendors that have had recent breaches.

The study shows that 20 percent of these large enterprises use a thousand or more products. Supply chain incidents cost 17 times more to remediate and manage than first-party breaches.

The estimated total losses from Global 2000 breaches ranged between $20 billion and $80 billion over 15 months. These also companies face significant concentrated risk due to their interdependence, with 90 percent acting as vendors to each other.

The top eight most widely deployed vendors are used by at least 80 percent of Global 2000 companies, with four of the top five reporting a recent breach.

Wade Baker, partner and co-founder at The Cyentia Institute, says, "While the Global 2000 boasts $51.7 trillion in revenue, their interconnectedness exposes them to severe cyber risks -- with 99 percent directly connected to breached vendors and incidents that can tally into the tens of billions."

In order to secure the supply chain SecurityScorecard recommends safeguarding thre IT ecosystem with continuous automated scanning to identify and mitigate IT infrastructure and cybersecurity risks across vendor, agency, and partner environments.

Organizations also need to map the critical business processes and technologies to identify any single points of failure. Create a watch list with these vendors. Passively monitoring vendors' IT deployments can also identify and resolve hidden supply chain risk.

Ryan Sherstobitoff, senior vice president of threat research and intelligence at SecurityScorecard, says, "The world is only beginning to grasp the potential for chaos caused by concentration risk. Understanding and managing your supply chain is critical to protect business continuity. It's not just about preventing disruptions; it's about safeguarding the very foundation of our interconnected economy."

You can get the full research on the SecurityScorecard site.

Image credit: [email protected]/depositphotos.com