"64 Percent of Security Leaders Can't Stop a Supply Chain-Related Attack"
Businesses have spent the last two years focusing on changing the way they operate due to the COVID-19 pandemic. However, these changes called for a high level of IT support and resources, leading to deficiencies in other areas, such as the ability to thwart a supply chain attack. According to the CyberArk 2022 Identity Security Threat Landscape Report, 79 percent of cybersecurity workers polled believed that cybersecurity had taken a backseat to operations and new digital initiatives. The survey included 1,750 IT workers from companies with more than 500 employees in the US, UK, France, Germany, Japan, Italy, Spain, Brazil, Mexico, Israel, Singapore, and Australia. One in every four respondents is a C-suite executive, and 94 percent work at the manager or higher level. According to Udi Mokady, founder, chairman, and CEO of CyberArk, the combination of an expanding attack surface, increasing numbers of identities, and cybersecurity debt exposes organizations to even greater risk, which is already heightened by ransomware threats and vulnerabilities throughout the software supply chain. This threat environment necessitates a security-first approach to identity protection capable of outpacing attacker innovation. Hybrid working was cited as the biggest risk factor in cyber workers' jobs by 86 percent of the respondents. Of the respondents, 84 percent said introducing new digital services for customers or citizens and increasing outsourcing of remote vendors and suppliers is the biggest risk factor. Each of these resulted in the creation of new human and machine identities. Over 60 percent of the respondents said they could not stop an attack launched by a compromised software supplier. Simultaneously, 71 percent of organizations experienced software supply chain attacks, resulting in data loss or asset compromise. For businesses of all sizes, the risk of such an attack is significantly high. The energy and utility industries were especially vulnerable, with 88 percent of respondents reporting a successful attack. This article continues to discuss key findings shared in the CyberArk 2022 Identity Security Threat Landscape Report.