Most high-level executives are highly confident in the cybersecurity of their supply chain, despite lacking a comprehensive understanding of the essential components that make a software supply chain secure, a new report has claimed.
In its “Global C-suite security survey” report, CloudBees found 95% of respondents described their software supply chains as secure, while 93% said they were ready to handle a ransomware attack, or a similar threat against their supply chain.
Additional questions, however, revealed a different picture. Almost half (45%) admitted their software supply chain security initiatives aren’t complete, while almost two-thirds (64%) said they weren’t sure who to turn to in case of a cyberattack.
“These findings show that while leaders are confident on the surface, they are also aware of security and planning gaps that could expose companies to significant business disruption, regulator and customer concerns and negative brand impact,” said Prakash Sethuraman, chief information security officer, CloudBees.
Rising issue in the boardroom
“For a software supply chain to be secure, it must be continuously verified throughout the entire lifecycle in real time – from commit all the way through to production. We’re encouraged to see that companies are focused on the development piece, but they need to look holistically end to end.”
Most companies are not prepared to react to a data breach quickly, the report further found, stating that it would take 64% of the respondents more than four days to remedy an issue.
For a Fortune 500 company, that could translate into millions in lost revenue, as well as an eroded reputation. While almost all (93%) regularly practice what they would do in such a scenario, more than half (58%) said they had no idea what they would really do if something like that happened.
Cybercrime has also never been this important in the boardroom. Almost all of the C-suite (95%) said they think more about securing the supply chain now than they did just two years ago, while 92% know a problem would severely impact the brand image.