Cyber Attacks on the Global Supply Chain Have Increased by 51%

Cyber Attacks on the Global Supply Chain Have Increased by 51%As supply chain vendors become a greater target, the businesses reliant upon them don’t seem to be responding with the appropriate urgency, according to new data.

The Insight Space: Supply Chain Risk report from global cyber and software resilience vendor NCC Group focuses in on the growing problem of attacks on the supply chain and how the organizations that rely on them are addressing the risk themselves – and the numbers don’t paint the picture of a confident outcome, given the massive 51% growth in attacks in the last six months:

  • 49% of organizations said that they do not stipulate security standards that their suppliers must adhere to as part of their contracts
  • 34% said that they do not regularly monitor and risk assess their suppliers’ cyber security strategy
  • Only 32% of organizations are “very confident” that they could respond quickly and effectively to a supply chain attack

The NCCC Group recommend a multi-faceted strategy to prevent supply chain attacks that includes

  • Discovery to identify supply chain risk
  • Supplier assurance policy, processes, and controls
  • Isolation and segmentation of systems, networks, and data
  • Timely detection of supply chain attacks across your networks, systems, and applications
  • Development and regular testing of appropriate incident response play and run books, based on up-to-date real-world scenarios

Many supply chain attacks can leverage the interaction between employees in your organization and your suppliers. Impersonation can play a powerful role in gaining access to a supplier’s customers, making it critical to include Security Awareness Training for your organization’s employees as a part of the strategy. Those that undergo training will learn about how impersonation can be used and that each employee must maintain a state of vigilance – even when receiving communications that look normal – to ensure the organization does not fall prey to an attack.

The world's largest library of security awareness training content is now just a click away!

In your fight against phishing and social engineering you can now deploy the best-in-class simulated phishing platform combined with the world's largest library of security awareness training content; including 1000+ interactive modules, videos, games, posters and newsletters.

You can now get access to our new ModStore Preview Portal to see our full library of security awareness content; you can browse, search by title, category, language or content topics.

ModStore01-1The ModStore Preview includes:

  • Interactive training modules
  • Videos
  • Trivia Games
  • Posters and Artwork
  • Newsletters and more!

Start Your Preview

PS: Don't like to click on redirected buttons? Cut & Paste this link in your browser:

Subscribe to Our Blog

Comprehensive Anti-Phishing Guide

Get the latest about social engineering

Subscribe to CyberheistNews