Articles about Supply chain

A new report from cyber insurance provider Cowbell shows that supply chain attacks have increased by an astounding 431 percent since 2021.

It also shows that large enterprises (those with greater than $50 million revenue) are 2.5 times more likely to encounter cyber incidents. Manufacturing is the most vulnerable sector, driven by its reliance on automation and exposure to intellectual property threats.

Continue reading →

A new report from cyber defense company BlueVoyant finds that 81 percent of organizations report they were negatively impacted by a cybersecurity breach within their supply chain over the past twelve months.

Although there has been a promising 17 percentage point year-on year increase (from 19 percent to 36 percent) in respondents reporting they working with third parties at every step to resolve issues, the process remains challenging.

Continue reading →

According to Gartner, 60 percent of organizations work with over 1,000 third parties, and a new report shows many of these supply misconfigured or vulnerable hardware and software, putting customers at risk.

The study from CyCognito finds web server environments, including platforms like Apache, NGINX, Microsoft IIS, and Google Web Server, were the host of 34 percent of all severe issues across surveyed assets. They accounted for more severe issues than 54 other environments combined (out of 60 environments surveyed),

Continue reading →

We are living in a time when siloed businesses are increasingly rare. Supply chains are the lifeblood of modern organizations, enabling the seamless flow of goods, services, and information. This interconnected network creates a trade ecosystem vital to the survival of both businesses and consumers. 

So, understandably, when a cyberattack disrupts this critical process, the immediate response is often panic-driven -- focusing solely on getting operations back online as quickly as possible. While restoring functionality is essential, this approach frequently overlooks a crucial aspect: rebuilding security.

Continue reading →

The interconnected nature of modern business means that a vulnerability in one part of the supply chain can have far-reaching consequences. New research from SecurityScorecard and The Cyentia Institute identified 99 percent of Global 2000 companies are directly connected to vendors that have had recent breaches.

The study shows that 20 percent of these large enterprises use a thousand or more products. Supply chain incidents cost 17 times more to remediate and manage than first-party breaches.

Continue reading →

It's fair to say that no industry is truly safe from cyber attacks these days, the aviation sector is at particular risk due to the volume of customer data it handles and the potential to cause widespread disruption.

A new report from SecurityScorecard focuses on cybersecurity vulnerabilities across the airline industry and its various supply chains.

Continue reading →

Although software supply chain breaches are increasing, a new study from JFrog finds that only 30 percent of respondents identified the need to address vulnerabilities in their software supply chain as a top security concern.

It also uncovers a disconnect between management and developers. 92 percent of executives claim their organizations possess tools to detect malicious open-source packages, while only 70 percent of developers think the same.

Continue reading →

This year sees elections around the world, affecting around half the global population, with voters in the US, Mexico, India, Taiwan, Indonesia, the UK and other places all heading to the polls.

A new report from Everstream Analytics looks at how these elections will create new supply chain risks associated with global trade, commodity supplies and cyberattacks.

Continue reading →

As widely available quantum computing draws closer, organizations need to consider the extent to which their supply chain presents risks and start building in post quantum readiness to their risk assessments.

To do this, it's critical for businesses to understand the origin and authenticity of all the components that are in the supply chain (both hardware and software). This is especially true for IoT devices, which rely on systems and subsystems created by multiple partners and vendors bringing their solutions together to make a fully functioning connected product/system.

Continue reading →

A new report from Black Kite shows how third-party data breaches create critical weak spots in extended networks, potentially leaving businesses open to cyber attacks, which can have a negative ripple effect across the organization and its stakeholders.

The report is based on analysis of 81 vendor breaches impacting 251 companies in 2023. Unauthorized network access was the leading cause of breaches, accounting for over half (53 percent) of third-party breach incidents. This represents a 26 percent increase from 2022, with ransomware being the most common method of compromise.

Continue reading →

New research for supply chain solutions company Cleo, based on a study carried out by Dimensional Research, shows 30 percent of companies plan to use trending technologies like artificial intelligence and automation to better meet supply-chain related business commitments.

It finds 97 percent of companies surveyed invested in supply chain technologies in 2023, with 81 percent stating their supply chain investment delivered business improvement in less than 24 months and 35 percent getting benefits in the same year.

Continue reading →

Towards the end of last year the American Airlines pilot union was hit with a ransomware attack. This is just one of a growing number of attacks targeting the aviation sector.

What makes the aviation industry such an attractive target and how can it protect itself? We spoke to Marty Edwards, deputy CTO for OT/IoT at Tenable, to find out.

Continue reading →

The overwhelming majority of organizations (91 percent) have experienced a software supply chain incident in the past 12 months, according to a new report.

The study from Data Theorem and the Enterprise Strategy Group surveyed over 350 respondents from private- and public-sector organizations in the US and Canada across cybersecurity professionals, application developers and IT professionals.

Continue reading →

Organizations are struggling to keep up with vulnerabilities amid software supply chain complexity, with more than 40 percent still in reactive mode according to a new report from Slim.AI.

The 2023 Container Report, based on a survey conducted with Enterprise Strategy Group, shows few organizations know exactly how to address security in the upstream dependencies of the applications and the containers they run in production.

Continue reading →

A new poll of over 500 security decision makers and developers shows a disconnect and even some distrust between CISOs and developers relating to how security-conscious each department is within the organization and what their roles are.

The Harris Poll conducted for Chainguard finds a majority of both developers and CISOs view software supply chain security as a top priority in their roles (70 percent and 52 percent respectively).

Continue reading →