Black Hat USA Research: Supply Chain and Cloud Security Risks Are Top of Mind
Black Hat, the producer of the cybersecurity industry's most established and in-depth security events, releases its eighth annual community survey Supply Chain and Cloud Security Risks Are Top of Mind. The report highlights important findings from more than 180 of the industry's most experienced cybersecurity professionals who reported concerns over attacks against cloud services, ransomware and the growing risks to the global supply chain.
Threats are Evolving as IT Environments Change
2021 was the year of supply chain attacks as organizations learned the various ways the global supply chain could be abused to compromise a large number of victims. When asked to think about the supply chain and relationships with vendors and customers, 53% of respondents named vulnerabilities in cloud or network services supplied to my enterprise by third-party providers as their greatest cybersecurity concerns. An equal number of respondents named vulnerabilities in the systems, applications and networks maintained by contractors, suppliers and customers. 34% of respondents listed vulnerabilities in off-the-shelf software of systems purchased from third parties was among their top two concerns, while 26% said they were most concerned about vulnerabilities in commercial software or cloud services introduced by open-source components.
In comparison to the 2021 Black Hat Attendee Survey, 60% were concerned about vulnerabilities in third-party systems and applications, 55% were concerned about vulnerabilities in cloud or network services and 47% were concerned about vulnerabilities in off-the-shelf software. These results showed clear concern for 61% of security professionals in the vulnerabilities in Microsoft Exchange and other of-the-shelf applications.
A Focus on Supply Chain and Cloud
When asked about the threats and challenges of greatest concern today, 39% of Black Hat attendees in the survey cited phishing and other forms of social engineering, 35% said targeted sophisticated attacks, 28% said attacks on suppliers, contractors or other partners connected to the organization's network and 26% said potential compromise of cloud services providers
Ransomware Demands Attention
Ransomware has evolved over the years from encrypting data in exchange for ransom to sophisticated campaigns capable of destroying systems or wiping out data. 59% of respondents said they believe the ransomware threat to their organizations increased, not decreased, over the past two years. Even with higher numbers of attacks, 96% of security professionals said they have been able to successfully block or minimize the impact of ransomware attacks against their organization over the past year.
To learn more about these research results, download a copy of Supply Chain and Cloud Security Risks Are Top of Mind here: https://messages.blackhat.com/2022-attendee-report-2022.
About Black Hat
For over 20 years, Black Hat has provided attendees with the very latest in information security research, development, and trends. These high-profile global events and trainings are driven by the needs of the security community, striving to bring together the best minds in the industry. Black Hat inspires professionals at all career levels, encouraging growth and collaboration among academia, world-class researchers, and leaders in the public and private sectors. Black Hat Briefings and Trainings are held annually in the United States, Europe and Asia. More information is available at: blackhat.com. Black Hat is brought to you by Informa Tech.
About Informa Tech
Informa Tech is a market leading provider of integrated research, media, training and events to the global Technology community. We're an international business of more than 600 colleagues, operating in more than 20 markets. Our aim is to inspire the Technology community to design, build and run a better digital world through research, media, training and event brands that inform, educate and connect. Over 7,000 professionals subscribe to our research, with 225,000 delegates attending our events and over 18,000 students participating in our training programmes each year, and nearly 4 million people visiting our digital communities each month. For more information, please visit www.informatech.com.