"Firms Not Planning for Supply Chain Threats"

According to new research conducted by Tata Consultancy Services (TCS), enterprises are failing to plan properly for supply chain risks and cybersecurity threats from the wider digital ecosystem.  According to the researchers, organizations put the risks posed by ecosystem partners at the bottom of the list of 10 key threats.  CISOs and chief risk officers believed that financial systems, customer databases, and R&D were the systems most likely to be targeted.  Supply chain and distribution were placed in ninth.  The survey participants were from organizations with annual revenues of $1bn or more.  The researchers found that only 16% of chief risk officers believed the digital ecosystem was a concern when it comes to cyber risks, and only 14% said those ecosystems were a priority for board level discussions.  The researchers also found that a small number of enterprises fail to focus on cyber risk, with one in six boards discussing it only “occasionally, as necessary or never.” The researchers noted that organizations with above-average profit and revenue growth were likelier to put cybersecurity on the agenda at board meetings.  The researchers stated that organizations view the cloud as a more secure environment than conventional data centers and on-premises systems.  Additionally, the research highlighted ongoing concerns about skills and the need to attract and retain talented security staff.  According to the study, the researchers stated that organizations where senior leaders focus on cybersecurity are more likely to close the skills gap.

Infosecurity reports: "Firms Not Planning for Supply Chain Threats"