A Breach Is Coming for Your Supply Chain

Supply chains are vulnerable to cybersecurity threats, including disruption of services, unauthorized access to data, and potential damage to physical assets. In a sector already plagued with challenges from recent events like the COVID-19 pandemic, supply chain disruptions due to cybersecurity threats can have a significant impact.

Recent research shows that a staggering 98% of APAC survey respondents said they had been negatively impacted by a cyber security breach in their supply chain.

BlueVoyant, a cyber defense company, released the APAC findings of its third annual global survey, The State of Supply Chain Defense: Annual Global Insights Report, into supply chain cyber risk management. The research showed a stark picture, with 62% of APAC respondents saying third-party cyber risk management is either not a priority or somewhat of a priority, despite the significant negative impact of cyber security breaches in their supply chain. Digital supply chains are made up of external vendors and suppliers who have access that could be compromised.

The independent research organization Opinion Matters conducted the study and recorded the views and experiences of 2,100 technology, information, and security executives covering 11 countries across North America, Europe, and Asia Pacific. It has 600 respondents across APAC from Australia, Singapore, and the Philippines, in organizations with more than 1,000 employees across a range of industries. 

BlueVoyant also found that 52% of APAC firms were negatively impacted by two to five cybersecurity breaches in their supply chain. However, only 38% of APAC respondents considered supply chain risk a priority which compares more favorably to a 36% global average.

Sumit Bansal, vice president of Asia Pacific and Japan at BlueVoyant, said, “Visibility into supply chain cyber security risk remains an ongoing problem across APAC. Despite the continuing high prevalence of negative impacts from cyber security breaches in the supply chain, such as the high-profile breaches seen in Australia towards the end of last year, IT leaders are still not making supply chain security a priority.”

The study revealed that many APAC respondents were unaware of the cyber risks in their supply chains, with 37% of respondents saying that cyber risk was not on their radar — compared to 38% globally.

When asked how frequently they re-assess third-party or supplier cyber security risk, the most common response (28%) by APAC respondents was quarterly. Almost a third (32%) of APAC respondents reported six monthly, annually, or less frequently. Only 3% say they monitor either daily or in real time.

Moreover, 39% of APAC respondents said they could not know if a cyber risk emerges in a third-party vendor, slightly lower than the overall 40% global average. However, the findings indicate the complex challenges that APAC firms must solve regarding supply chain risk.

Image credit: iStockphoto/RomoloTavani