Supply Chain Attacks on the Rise as One of the Biggest New Threat Vectors as Organizations Scramble to Close Gaps
Global research survey discovers companies lack visibility, awareness to combat supply chain attacks despite the majority having experienced breaches
Sunnyvale, CA – July 23, 2018 – CrowdStrike® Inc., the leader in cloud-delivered endpoint protection, today announced the results of its global supply chain survey, Securing the Supply Chain, produced by independent research firm Vanson Bourne. The study surveyed 1,300 senior IT decision-makers and IT security professionals in the US, Canada, UK, Mexico, Australia, Germany, Japan, and Singapore across major industry sectors.
The survey concludes that although nearly 80 percent of respondents believe software supply chain attacks have the potential to become one of the biggest cyber threats over the next three years, few organizations are prepared to mitigate the risks. More specifically:
- Two-thirds of the surveyed organizations experienced a software supply chain attack in the past 12 months. At the same time, 71 percent believe their organization does not always hold external suppliers to the same security standards.
- The vast majority (87 percent) of those that suffered a software supply chain attack had either a full strategy in place, or some level of response pre-planned at the time of their attack.
- Only 37 percent of respondents in the US, UK and Singapore said their organization has vetted all suppliers, new or existing in the past 12 months and only a quarter believe with certainty their organization will increase its supply chain resilience in the future.
- 90 percent of respondents confirmed they incurred a financial cost as a result of experiencing a software supply chain attack. The average cost of an attack was over $1.1 million dollars.