- 77% of businesses uncovered hidden participants in their
software supply chain that they were not previously aware
of
- 72% call for greater government oversight of open-source
software to increase cyber protection
NEW
YORK, Oct. 26, 2022 /PRNewswire/ -- BlackBerry
Limited (NYSE: BB; TSX: BB) today revealed new research at the
9th annual BlackBerry Security Summit, exposing the
magnitude of software supply chain cybersecurity vulnerabilities in
today's organizations. Four in five (80%) IT decision makers stated
that their organization had received notification of attack or
vulnerability in its supply chain of software in the last 12
months, with the operating system and web browser creating the
biggest impact. Following a software supply chain attack,
respondents reported significant operational disruption (59%), data
loss (58%) and reputational impact (52%), with nine out of ten
organizations (90%) taking up to a month to recover.
The results come at a time of increased U.S. regulatory
and legislative interest in addressing software supply chain
security vulnerabilities.
The survey of 1,500 IT decision makers and cybersecurity leaders
across North America, the
United Kingdom and Australia revealed the significant challenge
of securing software supply chains against cyberattack, even with
rigorous use of recommended measures such as data encryption,
Identity Access Management (IAM) and Secure Privileged Access
Management (PAM) frameworks. Despite enforcing these measures
across partners, more than three-quarters (77%) of respondents had,
in the last 12 months, discovered unknown participants within their
software supply chain that they were not previously aware of and
that they had not been monitoring for adherence to critical
security standards.
"While most have confidence that their software supply chain
partners have policies in place of at least comparable strength to
their own, it is the lack of granular detail that exposes
vulnerabilities for cybercriminals to exploit," said Christine
Gadbsy, VP, Product Security at BlackBerry. "Unknown components and
a lack of visibility on the software supply chain introduce blind
spots containing potential vulnerabilities that can wreak havoc
across not just one enterprise, but several, through loss of data
and intellectual property and operational downtime, along with
financial and reputational impact. How companies monitor and manage
cybersecurity in their software supply chain has to rely on more
than just trust."
Results also revealed that while, on average, organizations were
found to perform a quarterly inventory of their own software
environment, they were prevented from more frequent monitoring by
factors including a lack of skills (54%) and visibility (44%). In
fact, 71% said they would welcome tools to improve inventory of
software libraries within their supply chain and provide greater
visibility to software impacted by a vulnerability. Similarly, 72%
were in favor of greater governmental oversight of open-source
software to make it more secure against cyber threats.
In the event of a breach, 62% of respondents agree that speed of
communications is paramount and 63% would prefer a consolidated
event management system for contacting internal security
stakeholders and external partners. Yet only 19% have this kind of
communications system in place. Multiple systems are in place with
the remaining 81%, despite only 28% of respondents saying that they
need to tailor communications to different stakeholder groups.
For more information on how BlackBerry's comprehensive,
prevention-first, AI-driven cybersecurity solutions can help your
business prepare for, prevent, detect and respond to cyber threats,
please visit BlackBerry.com.
Notes to editor: Research conducted in
October 2022 by Coleman Parkes on behalf of BlackBerry, into
1,500 IT Decision Makers and Cybersecurity professionals across
North America (USA and Canada), the United
Kingdom and Australia.
About BlackBerry
BlackBerry (NYSE: BB; TSX: BB)
provides intelligent security software and services to enterprises
and governments around the world. The company secures more
than 500M endpoints including over
215M vehicles. Based in
Waterloo, Ontario, the company
leverages AI and machine learning to deliver innovative solutions
in the areas of cybersecurity, safety and data privacy solutions,
and is a leader in the areas of endpoint management, endpoint
security, encryption, and embedded systems. BlackBerry's
vision is clear - to secure a connected future you can
trust.
BlackBerry. Intelligent Security. Everywhere.
For more information, visit BlackBerry.com and follow
@BlackBerry.
Trademarks, including but not limited to BLACKBERRY and
EMBLEM Design are the trademarks or registered trademarks of
BlackBerry Limited, and the exclusive rights to such trademarks are
expressly reserved. All other trademarks are the property of
their respective owners. BlackBerry is not responsible for
any third-party products or services.
Media Contacts:
BlackBerry Media Relations
+1 (519) 597-7273
mediarelations@BlackBerry.com
View original content to download
multimedia:https://www.prnewswire.com/news-releases/blackberry-commissioned-research-reveals-four-in-five-software-supply-chains-exposed-to-cyberattack-in-the-last-12-months-301657657.html
SOURCE BlackBerry Limited