New York, November 4, 2024 – The fifth edition of BlueVoyant’s annual global supply chain cyber risk survey depicts a paradox of progress and continuous setbacks: 81% of organizations experienced cyber breaches in their supply chains within the last year, compared to 94% that reported breaches in 2023.
“More organizations than any previous year indicated that their primary focus is no longer on awareness of the third-party risk management problem or adoption of a program, but rather with the operational, day-to-day challenges of managing an effective program,” said Joel Molinoff, global head of Supply Chain Defense at BlueVoyant.
“While this progress also brings many new challenges, it indicates a major step in the right direction when contrasted with previous years where many organizations had poor tracking of third-party vendors, little to no leadership oversight, and virtually no collaboration when it came to remediating cyber issues.”
This extensive research, conducted across 11 countries, surveyed 2,100 C-suite leaders and revealed significant increases in cybersecurity investment, with 86% of the organizations increasing their third-party risk management expenditures. Supplier engagement and collaboration has almost doubled, with 36% of the organizations having engaged in risk remediation with vendors, compared to 19% last year.
Healthcare insurance has been ranked the most exposed, with 87% of organizations experiencing negative impacts from third-party breaches, while a disturbing 36% of respondents in the health sector claimed no ability to detect the threats posed by third parties.
“Organizations are making progress in more frequent monitoring of third parties, though challenges in reporting metrics to senior management persist,” noted Brendan Conlon, Global Director of Supply Chain Defense at BlueVoyant.
“As information security as an industry continues to mature, there will be more focus on the tighter integration of multiple aspects of security operations. This means that third-party cyber risk will inevitably be folded into day-to-day SOC operations and wider risk management programs.”
Only 32% of vendors were found to be consistently monitored, while 50% of organizations cite resource constraints for vendor assessment.
The results also reveal a serious inadequacy in supply chain security: organizations monitor only 1,459 suppliers out of an average of 4,510, despite increased awareness and investment in cybersecurity measures.
Source: https://www.bluevoyant.com/press-releases/progress-in-third-party-cyber-risk-management