Most execs say they don't know who to call when security issues come up

Supply Chain
(Image credit: / TMLsPhotoG)

Most high-level executives are highly confident in the cybersecurity of their supply chain, despite lacking comprehensive understanding of the essential components that make a software supply chain secure, a new report has claimed.

In its “Global C-suite security survey” report, CloudBees found 95% of respondents described their software supply chains as secure, while 93% said they were ready to handle a ransomware attack, or a similar threat against their supply chain. 

Additional questions, however, revealed a different picture. Almost half (45%) admitted their software supply chain security initiatives aren’t complete, while almost two-thirds (64%) said they weren’t sure who to turn to, in case of a cyberattack. 

“These findings show that while leaders are confident on the surface, they are also aware of security and planning gaps that could expose companies to significant business disruption, regulator and customer concerns and negative brand impact,” said Prakash Sethuraman, chief information security officer, CloudBees. 

Rising issue in the boardroom

“For a software supply chain to be secure, it must be continuously verified throughout the entire lifecycle in real time – from commit all the way through to production. We’re encouraged to see that companies are focused on the development piece, but they need to look holistically end to end.”

Most companies are not prepared to react to a data breach quickly, the report further found, stating that it would take 64% of the respondents more than four days to remedy an issue. 

For a Fortune 500 company, that could translate into millions in lost revenue, as well as an eroded reputation. While almost all (93%) regularly practice what they would do in such a scenario, more than half (58%) said they had no idea what they would really do if something like that happened.

Cybercrime has never been this important in the boardroom, as well. Almost all of the C-suite (95%) said they think about securing the supply chain now, compared to just two years ago, while 92% know a problem would severely impact the brand image. 

Sead is a seasoned freelance journalist based in Sarajevo, Bosnia and Herzegovina. He writes about IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, data breaches, laws and regulations). In his career, spanning more than a decade, he’s written for numerous media outlets, including Al Jazeera Balkans. He’s also held several modules on content writing for Represent Communications.