Supply Chain Attacks on the Rise as Organizations Struggle to Close the Gaps -- Security Today

Supply Chain Attacks on the Rise as Organizations Struggle to Close the Gaps

Global research company CrowdStrike surveyed over a thousand IT decision-makers and found companies awarness to combat supply chain attacks.

By Sydny Shepard
Jul 23, 2018

When one thinks about securing an organization, they often think of the physical security of the building around the organization. Now, in the world of data breaches and cyber attacks, a company can no longer afford to turn a blind eye to its infrastructure and networks.

Global research company CrowdStrike surveyed 1,300 IT decision-makers and IT professionals in the US, Canada, UK, Mexico, Australia, Germany, Japan and Singapore across major industry sectors to determine the mindset across organizations when it came to supply chain attacks, like NotPetya and the breaches that affected Target and Equifax.

The survey discovered that although nearly 80 percent of respondents believe software supply chain attacks have the potential to become one of the biggest cyber threats over the next three years, few organizations are prepared to mitigate the risks.

Specific findings from the survey include:

1,300 respondents found that two in three said their organization experienced a software supply chain attack in the past 12 months.
The majority (87%) of those that suffered a software supply chain attack had either a full strategy in place, or some level of response pre-planned at the time of their attack. But attacks are still successful, which indicates that the strategies and technology currently in place aren’t stopping them.
90 percent confirmed they incurred a financial cost as a result of experiencing a software supply chain attack in the past, with the average cost of an attack at $1.1 million dollars
80 percent of U.S. respondents said supply chain attacks have the potential to become one of the biggest cyber threats over the next three years
Just 37 percent of respondents in the U.S. said their organization has vetted all suppliers, new or existing, over the past 12 months
44 percent plan to use Artificial Intelligence/Machine Learning to fight software supply chain attacks in the next 12 months

The survey points out that even though threats can occur in every sector of the economy, the industries that mostly experience thee attacks are biotechnology and pharmaceuticals, hospitality, entertainment and media and IT services.

Visit CrowdStrike to learn more about the Securing the Supply Chain Survey.

About the Author

Sydny Shepard is the Executive Editor of Campus Security & Life Safety.

Security LeadHER Opens Call for Speakers and Registration for 2025 Event
01/24/2025
Stronger Together: Stone Security, BearCom Team Up
01/23/2025
Genetec Named One of Canadas 2025 Top Employers for Young People
01/22/2025
MediaStorm and HID Partner to Transform the Workplace Experience with Employee Badge in Apple Wallet
01/21/2025
Napco’s Continental Enterprise Controllers Now Integrated with LifeSafety Power
01/21/2025
NAPCO Promotes Peter Lowenstein to Head Napco Access
01/16/2025
i-PRO Shares Key Predictions for the Physical Security Market in 2025
01/14/2025
Snap One Adds New Luma 4K Hybrid Surveillance Cameras to X20 Portfolio
01/14/2025

Featured

Human Risk Management: A Silver Bullet for Effective Security Awareness Training

You would think in a world where cybersecurity breaches are frequently in the news, that it wouldn’t require much to convince CEOs and C-suite leaders of the value and importance of security awareness training (SAT). Unfortunately, that’s not always the case. Read Now
- Cybersecurity
Windsor Port Authority Strengthens U.S.-Canada Border Waterway Safety, Security

Windsor Port Authority, one of just 17 national ports created by the 1999 Canada Marine Act, has enhanced waterway safety and security across its jurisdiction on the U.S.-Canada border with state-of-the-art cameras from Axis Communications. These cameras, combined with radar solutions from Accipiter Radar Technologies Inc., provide the port with the visibility needed to prevent collisions, better detect illegal activity, and save lives along the river. Read Now
- Government
Survey: 84 Percent of Healthcare Organizations Spotted Cyberattack in Last 12 Months

Netwrix, a vendor specializing in cybersecurity solutions focused on data and identity threats, surveyed 1,309 IT and security professionals globally and recently released findings for the healthcare sector based on the data collected. It reveals that 84% of organizations in the healthcare sector spotted a cyberattack on their infrastructure within the last 12 months. Phishing was the most common type of incident experienced on premises, similar to other industries. Read Now
- Cybersecurity
Keynote Speakers Announced for ISC West 2025

ISC West, hosted in collaboration with premier sponsor the Security Industry Association (SIA), unveiled its 2025 Keynote Series. Featuring a powerhouse lineup of experts in cybersecurity, retail security, and leadership, each keynote will offer invaluable insights into the challenges and opportunities transforming the field of security. Read Now
- Industry Events
- ISC West

Webinars

Hanwha Vision (formerly Hanwha Techwin)

Looking Ahead to 2026
Salient Systems, Hanwha Vision (formerly Hanwha Techwin)

Campus Security & Life Safety Virtual Summit 2025 - November
Hanwha Vision (formerly Hanwha Techwin)

Video Surveillance

Whitepapers

Salient Systems

A Model for Community Security
Genetec

State of Physical Security 2025
Winsted Corporation

Sit/Stand Consoles: Helping Increase Productivity

New Products

Automatic Systems V07

Automatic Systems, an industry-leading manufacturer of pedestrian and vehicle secure entrance control access systems, is pleased to announce the release of its groundbreaking V07 software. The V07 software update is designed specifically to address cybersecurity concerns and will ensure the integrity and confidentiality of Automatic Systems applications. With the new V07 software, updates will be delivered by means of an encrypted file. 3
Unified VMS

AxxonSoft introduces version 2.0 of the Axxon One VMS. The new release features integrations with various physical security systems, making Axxon One a unified VMS. Other enhancements include new AI video analytics and intelligent search functions, hardened cybersecurity, usability and performance improvements, and expanded cloud capabilities 3
Camden CM-221 Series Switches

Camden Door Controls is pleased to announce that, in response to soaring customer demand, it has expanded its range of ValueWave™ no-touch switches to include a narrow (slimline) version with manual override. This override button is designed to provide additional assurance that the request to exit switch will open a door, even if the no-touch sensor fails to operate. This new slimline switch also features a heavy gauge stainless steel faceplate, a red/green illuminated light ring, and is IP65 rated, making it ideal for indoor or outdoor use as part of an automatic door or access control system. ValueWave™ no-touch switches are designed for easy installation and trouble-free service in high traffic applications. In addition to this narrow version, the CM-221 & CM-222 Series switches are available in a range of other models with single and double gang heavy-gauge stainless steel faceplates and include illuminated light rings. 3