BSIMM12 reports increased attention on software security due to recent supply chain disruptions. Get recommendations for managing supply chain risks. As the global pandemic disrupted the way business is conducted, the workforce became more dispersed and moved far from the traditional secure enterprise environments.

Cybersecurity threats are on the rise. Over the past year, we’ve observed a 148% increase in ransomware attacks and an 85% increase in phishing attacks targeting remote users. Worse still, these attacks are growing increasingly sophisticated, with threat actors using eight or more vectors in the same attack, often deploying multiple vectors within minutes of one another.

If the UK Government gets its way, IT service vendors and other cloud-based service providers may soon be required to adopt new measures to strengthen their cybersecurity, amid rising concerns about supply chain risks. The Department for Digital, Culture, Media and Sport (DCMS) has floated plans to make mandatory compliance with the National Cyber Security Centre’s Cyber Assessment Framework, which provides guidance for organisations responsible for vitally important services and activities.

Supply chain logistics have been the backbone of global trade for hundreds of years. Extending the same concept, with the added digital components gives birth to supply chain cyber security risks. Supply chain cyber security is a topic that has come into the limelight for the last couple of years.

At SecurityScorecard, we believe that making the world a safer place means transforming how organizations view cybersecurity. For us, this means that companies must take a holistic approach, protecting systems not just from the inside, but also knowing what an organization’s vulnerabilities look like from the outside-in to see what the hackers are seeing.

The new threats in software development are not only related to the specific company itself. The whole software supply chain is a target for attackers and it is really important to make sure that we put all our effort into securing each link because if one fails, everything will be affected. Supply chain activities include each step of the transformation of raw materials, components, and resources into a completed product, and its delivery to the end customer.

Supply-chain attacks may not grab the headlines in the same way as ransomware or data breaches, but these sneaky cyberattacks are just as dangerous for your business.

82% of professionals believe that software supply chain security should be given a degree of priority, with only 7% stating that it is not a priority at all. This is one of the key findings from us Pulse survey of 298 senior technology executives from companies in North America, Europe, Africa, and Asia.

News reports on attacks on the “supply chain” are becoming an almost every-day occurrence. First there was SolarWinds, then Kayesa, followed by countless other large and small supply chain attacks. Global businesses, economies, and lives are intricately connected to each other through applications and the internet. When critical systems are attacked and operations are affected, the downstream problems quickly become apparent.