New global survey by CrowdStrike shows the average cost of a software supply chain attack is $1.1 million.

Dark Reading Staff, Dark Reading

July 23, 2018

1 Min Read

Less than 40% of organizations in the US, UK, and Singapore have vetted all of their external suppliers in the past 12 months, according to a new survey, and most organizations worldwide have been victims of a software supply chain attack.

While two-thirds say their organizations suffered a supply chain attack in the past year, 71% say they don't consistently require the same security requirements of their third-party suppliers as they use internally. The survey, conducted by Vanson Bourne on behalf of CrowdStrike, includes responses from 1,300 senior IT decision-makers and security pros in the US, Canada, UK, Mexico, Australia, Germany, Japan, and Singapore. 

Some 90% of organizations say software supply chain attacks cost an average of more than $1.1 million. Attackers are increasingly using an "indirect route" to hit their targets, says Dan Larson, vice president of product marketing at CrowdStrike. "They now inject malicious code into legitimate software," he says. "It's mostly invisible, which is why these attacks are becoming more common."

Read more here

Horizontal-334031_BH_US18_banners_468x60_non_1.png

 

 

 

Black Hat USA returns to Las Vegas with hands-on technical Trainings, cutting-edge Briefings, Arsenal open-source tool demonstrations, top-tier security solutions and service providers in the Business Hall. Click for information on the conference and to register.

About the Author(s)

Dark Reading Staff

Dark Reading

Dark Reading is a leading cybersecurity media site.

Keep up with the latest cybersecurity threats, newly discovered vulnerabilities, data breach information, and emerging trends. Delivered daily or weekly right to your email inbox.

You May Also Like


More Insights