"Black Hat USA Research: Supply Chain and Cloud Security Risks Are Top of Mind"
Black Hat's eighth annual community survey "Supply Chain and Cloud Security Risks Are Top of Mind," highlights key findings from over 180 of the industry's most experienced cybersecurity professionals, who expressed concerns about cloud service attacks, ransomware, and the growing risks to the global supply chain. When asked about the supply chain and relationships with vendors and customers, 53 percent of respondents cited vulnerabilities in cloud or network services provided to their enterprise by third-party providers as their top cybersecurity concern. The same number of respondents named vulnerabilities in contractors', suppliers', and customers' systems, applications, and networks. Vulnerabilities in off-the-shelf software or systems purchased from third-parties were listed as one of the top two concerns by 34 percent of respondents, while vulnerabilities in commercial software or cloud services introduced by open-source components were cited by 26 percent. In comparison to the 2021 Black Hat Attendee Survey, 60 percent were concerned about third-party systems and applications, 55 percent were concerned about vulnerabilities in cloud or network services, and 47 percent expressed concern about vulnerabilities in off-the-shelf software. These findings revealed that 61 percent of security professionals were concerned about vulnerabilities in Microsoft Exchange and other off-the-shelf applications. This article continues to discuss findings from the Black Hat USA 2022 Attendee Report.