Groups Similar Look up By Text Browse About

Similar articles
Article Id Title Prob Score Similar Compare
217782 VENTUREBEAT 2021-10-12:
Software supply chain breaches are ‘staggeringly high,’ report finds
1.000 Find similar Compare side-by-side
217965 TECHREPUBLIC 2021-10-12:
How to protect your organization from security threats across your supply chain
0.924 0.575 Find similar Compare side-by-side
217851 VENTUREBEAT 2021-10-12:
Enterprises struggle with security monitoring ‘tool sprawl’
0.488 0.571 Find similar Compare side-by-side
218102 VENTUREBEAT 2021-10-13:
Why enterprises are massively subcontracting cybersecurity work
0.289 0.531 Find similar Compare side-by-side
217973 VENTUREBEAT 2021-10-13:
Cyber risk monitoring platform Black Kite raises $22M
0.057 0.486 Find similar Compare side-by-side
217890 VENTUREBEAT 2021-10-13:
Cyberattack response time averages 2 days, report finds
0.220 0.452 Find similar Compare side-by-side
218060 VENTUREBEAT 2021-10-15:
Cybersecurity report reveals critical business vulnerabilities
0.437 Find similar Compare side-by-side
218185 TECHREPUBLIC 2021-10-13:
How to get the most bang for your buck out of your cybersecurity budget
0.437 Find similar Compare side-by-side
217897 VENTUREBEAT 2021-10-8:
Why enterprise patch management pains are cybercriminals’ gain
0.434 Find similar Compare side-by-side
218134 VENTUREBEAT 2021-10-14:
Report: 24% of companies have paid millions in audit fees
0.426 Find similar Compare side-by-side
218114 ZDNET 2021-10-15:
Brazilian insurance giant Porto Seguro hit by cyberattack
0.421 Find similar Compare side-by-side
217640 ZDNET 2021-10-8:
Russia poses the biggest nation-state cyber threat, says Microsoft
0.389 Find similar Compare side-by-side
218038 ZDNET 2021-10-12:
Olympus suffers second cyberattack in 2021
0.387 Find similar Compare side-by-side
218133 ZDNET 2021-10-15:
Critical infrastructure security dubbed 'abysmal' by researchers
0.383 Find similar Compare side-by-side
218177 ZDNET 2021-10-14:
Microsoft king of software audit, according to Flexera report
0.378 Find similar Compare side-by-side
217756 VENTUREBEAT 2021-10-13:
Dataminr to acquire crisis management firm Krizo
0.377 Find similar Compare side-by-side
218166 TECHREPUBLIC 2021-10-13:
3 risk management priorities CIOs are focused on right now
0.376 Find similar Compare side-by-side
217869 ZDNET 2021-10-13:
1 in 15 organizations runs actively exploited version of SolarWinds: Report
0.367 Find similar Compare side-by-side
217785 TECHREPUBLIC 2021-10-13:
As the Great Resignation accelerates, execs scramble to address the labor shortage
0.366 Find similar Compare side-by-side
217939 TECHREPUBLIC 2021-10-11:
Global PC shipment growth drops as supply fails to meet demand
0.352 Find similar Compare side-by-side
218073 VENTUREBEAT 2021-10-14:
Battling new cyberthreats in your hybrid work environment (VB Live) (VB Live)
0.347 Find similar Compare side-by-side
217992 ZDNET 2021-10-8:
McAfee/FireEye merger completed, CEO says automation only way forward for cybersecurity
0.346 Find similar Compare side-by-side
218009 ZDNET 2021-10-11:
Ransomware is the biggest cyber threat to business. But most firms still aren't ready for it
0.336 Find similar Compare side-by-side
217896 ZDNET 2021-10-12:
Stripe report tracks checkout changes, emergence of services like Klarna, Afterpay and more
0.335 Find similar Compare side-by-side
218183 ZDNET 2021-10-14:
HP Wolf report highlights widespread exploitation of MSHTML, typosquatting and malware families hosted on Discord
0.331 Find similar Compare side-by-side


ID: 217782


Date: 2021-10-12

Software supply chain breaches are ‘staggeringly high,’ report finds

The Transform Technology Summits start October 13th with Low-Code/No Code: Enabling Enterprise Agility. Register now! Software supply chain weaknesses have become pervasive in the enterprise. Thats according to a new report from BlueVoyant, which today released the findings of its second annual global survey into third-party cyber risk management. The research reveals that 97% of firms have been negatively impacted by a supply chain cybersecurity breach, with 93% admitting that they have suffered a direct cybersecurity breach because of weaknesses in their supply chain. Even though we are seeing [a rise in] awareness around the issue, breaches and the resulting negative impact are still staggeringly high, while the prevalence of continuous monitoring remains concerningly low, BlueVoyant global head of third-party cyber risk management Adam Bixler said in a statement. Third-party cyber risk can only become a strategic priority through clear and frequent briefings to the senior executive team and the board. So long as it remains a line item only discussed once or twice a year — or less often — then cyber risk management will continue to languish from a strategic perspective until an inevitable cyber event leaks data, disrupts operations, or embarrasses the firm. BlueVoyants report, which was conducted by independent research organization Opinion Matters, surveyed 1,200 executives across companies in business services, financial services, health care and pharmaceutical, manufacturing, utilities and energy, and defense industries. Counterintuitively, the results reveal that while companies increased their cybersecurity budgets by 26% to over 100% in the past 12 months,  the average number of breaches grew even faster, from 2.7 in 2020 to 3.7 in 2021 — a 37% year-over-year increase. The business services sector had the highest headcount in its cybersecurity and risk teams, while manufacturing companies were the least likely to identify supply chain and third-party cybersecurity risks as key priorities, according to BlueVoyant. Health care providers — 29% of which experienced 6 to 10 breaches in the past 12 months — showed the highest rate of third-party cyber risk awareness, meanwhile, with 55% identifying risk as a major concern. The BlueVoyant survey underlines the challenges that companies face with the expanding software supply chain. CrowdStrike cited supply chain attacks as a rising threat as far back as 2018 and believes that they will continue to be a major intrusion vector. Often taking the form of hardware or third-party compromises, these attacks provide malicious actors with the ability to propagate from a single intrusion point to multiple downstream targets of interest. According to a recent Aqua Security report, 73% of respondents are confident in their ability to stop software supply chain attacks, but only 32% are confident in the runtime capabilities required to stop threats like Kinsing malware, which only downloads in runtime. Our research shows that there are large concentrations of unknown third-party cyber risk across vertical sectors, supply chains, and vendors worldwide and organizations are experiencing frequent vendor-originated breaches, Bixler said. While budgets are rising, the critical question is where funds should be directed to make a tangible impact to reduce third-party cyber risk. A lack of visibility, strategy, and monitoring means the situation is unlikely to improve until it gets the appropriate attention. Broadly speaking, the pandemic has had a major impact on cybersecurity. Cybercrimes now cost the world nearly $600 billion each year. Meanwhile, the World Economic Forum reports that the likelihood of identifying and prosecuting the perpetrators of cyberattacks in the U.S. has fallen to a dismal 0.05%. Cyber investments are only likely to accelerate as hackers target newly digital businesses. Ransomware has increased 148% year-over-year with an estimated 2.9 million attacks so far in 2021, and the European Union Agency for Cybersecurity (ENISA) recently predicted a fourfold rise in supply chain attacks in 2021 over last year. High-profile incidents like the Colonial Pipeline shutdown, JBS supply chain disruptions, and compromised servers at SolarWinds and Microsoft could drive a 12.4% increase of spending on global information security and risk management technologies to $150 billion this year.