Supply Chain Attacks on the Rise as Organizations Struggle to Close the Gaps

Supply Chain Attacks on the Rise as Organizations Struggle to Close the Gaps

Global research company CrowdStrike surveyed over a thousand IT decision-makers and found companies awarness to combat supply chain attacks.

When one thinks about securing an organization, they often think of the physical security of the building around the organization. Now, in the world of data breaches and cyber attacks, a company can no longer afford to turn a blind eye to its infrastructure and networks.

Global research company CrowdStrike surveyed 1,300 IT decision-makers and IT professionals in the US, Canada, UK, Mexico, Australia, Germany, Japan and Singapore across major industry sectors to determine the mindset across organizations when it came to supply chain attacks, like NotPetya and the breaches that affected Target and Equifax.

The survey discovered that although nearly 80 percent of respondents believe software supply chain attacks have the potential to become one of the biggest cyber threats over the next three years, few organizations are prepared to mitigate the risks.

Specific findings from the survey include:

  • 1,300 respondents found that two in three said their organization experienced a software supply chain attack in the past 12 months.
  • The majority (87%) of those that suffered a software supply chain attack had either a full strategy in place, or some level of response pre-planned at the time of their attack. But attacks are still successful, which indicates that the strategies and technology currently in place aren’t stopping them.
  • 90 percent confirmed they incurred a financial cost as a result of experiencing a software supply chain attack in the past, with the average cost of an attack at $1.1 million dollars
  • 80 percent of U.S. respondents said supply chain attacks have the potential to become one of the biggest cyber threats over the next three years
  • Just 37 percent of respondents in the U.S. said their organization has vetted all suppliers, new or existing, over the past 12 months
  • 44 percent plan to use Artificial Intelligence/Machine Learning to fight software supply chain attacks in the next 12 months

The survey points out that even though threats can occur in every sector of the economy, the industries that mostly experience thee attacks are biotechnology and pharmaceuticals, hospitality, entertainment and media and IT services.

Visit CrowdStrike to learn more about the Securing the Supply Chain Survey.

About the Author

Sydny Shepard is the Executive Editor of Campus Security & Life Safety.

Featured

  • AI Is Now the Leading Cybersecurity Concern for Security, IT Leaders

    Arctic Wolf recently published findings from its State of Cybersecurity: 2025 Trends Report, offering insights from a global survey of more than 1,200 senior IT and cybersecurity decision-makers across 15 countries. Conducted by Sapio Research, the report captures the realities, risks, and readiness strategies shaping the modern security landscape. Read Now

  • Analysis of AI Tools Shows 85 Percent Have Been Breached

    AI tools are becoming essential to modern work, but their fast, unmonitored adoption is creating a new kind of security risk. Recent surveys reveal a clear trend – employees are rapidly adopting consumer-facing AI tools without employer approval, IT oversight, or any clear security policies. According to Cybernews Business Digital Index, nearly 90% of analyzed AI tools have been exposed to data breaches, putting businesses at severe risk. Read Now

  • Software Vulnerabilities Surged 61 Percent in 2024, According to New Report

    Action1, a provider of autonomous endpoint management (AEM) solutions, today released its 2025 Software Vulnerability Ratings Report, revealing a 61% year-over-year surge in discovered software vulnerabilities and a 96% spike in exploited vulnerabilities throughout 2024, amid an increasingly aggressive threat landscape. Read Now

  • Motorola Solutions Named Official Safety Technology Supplier of the Ryder Cup through 2027

    Motorola Solutions has today been named the Official Safety Technology Supplier of the 2025 and 2027 Ryder Cup, professional golf’s renowned biennial team competition between the United States and Europe. Read Now

  • Evolving Cybersecurity Strategies

    Organizations are increasingly turning their attention to human-focused security approaches, as two out of three (68%) cybersecurity incidents involve people. Threat actors are shifting from targeting networks and systems to hacking humans via social engineering methods, living off human errors as their most prevalent attack vector. Whether manipulated or not, human cyber behavior is leveraged to gain backdoor access into systems. This mainly results from a lack of employee training and awareness about evolving attack techniques employed by malign actors. Read Now

New Products

  • PE80 Series

    PE80 Series by SARGENT / ED4000/PED5000 Series by Corbin Russwin

    ASSA ABLOY, a global leader in access solutions, has announced the launch of two next generation exit devices from long-standing leaders in the premium exit device market: the PE80 Series by SARGENT and the PED4000/PED5000 Series by Corbin Russwin. These new exit devices boast industry-first features that are specifically designed to provide enhanced safety, security and convenience, setting new standards for exit solutions. The SARGENT PE80 and Corbin Russwin PED4000/PED5000 Series exit devices are engineered to meet the ever-evolving needs of modern buildings. Featuring the high strength, security and durability that ASSA ABLOY is known for, the new exit devices deliver several innovative, industry-first features in addition to elegant design finishes for every opening.

  • A8V MIND

    A8V MIND

    Hexagon’s Geosystems presents a portable version of its Accur8vision detection system. A rugged all-in-one solution, the A8V MIND (Mobile Intrusion Detection) is designed to provide flexible protection of critical outdoor infrastructure and objects. Hexagon’s Accur8vision is a volumetric detection system that employs LiDAR technology to safeguard entire areas. Whenever it detects movement in a specified zone, it automatically differentiates a threat from a nonthreat, and immediately notifies security staff if necessary. Person detection is carried out within a radius of 80 meters from this device. Connected remotely via a portable computer device, it enables remote surveillance and does not depend on security staff patrolling the area.

  • AC Nio

    AC Nio

    Aiphone, a leading international manufacturer of intercom, access control, and emergency communication products, has introduced the AC Nio, its access control management software, an important addition to its new line of access control solutions.