BlueVoyant’s Latest Study Reveals Over 80% of Organizations Hit by Cyber Breaches in Their Supply Chain in the Last Year, Averaging 3.7 Incidents

CyberTech company BlueVoyant unveiled the findings of its fifth annual global survey on supply chain cyber risk management. The report notes the growing clout of Third-Party Risk Management (TPRM) tools in 2024, as organizations increased their budgets and investments to buy TPRM tools to prevent breaches.

BlueVoyant’s “The State of Supply Chain Defense: Annual Global Insights Report” reveals significant progress toward an organizational-level approach to third-party risk management (TPRM). This year, respondents have shifted their focus from merely raising awareness and driving the adoption of TPRM practices to actively enforcing compliance and ensuring that security measures are robustly implemented across their supply chains.

The study also highlights a continued commitment to strengthening supply chain security, with organizations increasing investments in cutting-edge technologies and skilled cybersecurity talent. These efforts aim to mitigate the growing threat landscape and address vulnerabilities that could lead to breaches, underscoring the increasing importance of cybersecurity within third-party relationships. Despite the progress, the survey also underscores the persistent risks that remain, pointing to the need for further innovation and vigilance in protecting critical supply chain infrastructures.

What is Third-Party Risk Management (TPRM)?

Third-Party Risk Management (TPRM) has become a critical focus for cybersecurity leaders and IT managers as organizations increasingly rely on external partners, vendors, and suppliers to operate efficiently. While these partnerships drive business growth and innovation, they also introduce significant cybersecurity risks that can compromise the entire network ecosystem.

Why TPRM Matters in 2024

Effective TPRM is no longer just about identifying risks; it’s about continuously assessing, monitoring, and enforcing security protocols to protect sensitive data and maintain operational integrity. Cybersecurity strategies must evolve with cyber threats. The evolution safeguards operational infrastructure and business relationships, often demanding a proactive, comprehensive approach to IT and OT cybersecurity. For IT managers and cybersecurity leaders, prioritizing TPRM is essential in building resilience and ensuring that third-party risks do not impact the organization’s existing security posture.

Key Takeaways from BlueVoyant’s “The State of Supply Chain Defense: Annual Global Insights Report”

81% of organizations experienced negative impacts from supply chain breaches in the past year, a decrease from 94% in 2023. While this shows notable improvement, a majority of organizations continue to face costly breaches.

At the time of this announcement, Joel Molinoff, global head of Supply Chain Defense at BlueVoyant, said: “More organizations than any previous year indicated that their primary focus is no longer on awareness of the third-party risk management problem or adoption of a program, but rather with the operational, day-to-day challenges of managing an effective program.”

Joel added, “While this progress also brings many new challenges, it indicates a major step in the right direction when contrasted with previous years where many organizations had poor tracking of third-party vendors, little to no leadership oversight, and virtually no collaboration when it came to remediating cyber issues.”

Despite increased budgets and closer collaboration with suppliers, organizations are facing significant challenges in addressing supply chain cyber threats. Key findings from the report highlight ongoing struggles in mitigating these risks:

  • Increased budgets and resources: 86% of respondents report a rise in their TPRM budgets, indicating greater financial commitment to managing third-party risks.
  • Greater supplier collaboration: Over 36% of organizations—up from just 19% last year—are now taking a more proactive role in working with their suppliers to address and remediate identified cyber risks.
  • Healthcare sector struggles: Among the six sectors surveyed, healthcare and pharmaceuticals faced the highest rates of supply chain breaches, with 87% of organizations reporting negative impacts. Additionally, 36% of healthcare companies admitted they lack the ability to detect threats within their third-party ecosystem, the highest rate across all industries.
  • Insufficient monitoring and assessments: Only 32% of third-party vendors are consistently monitored (an average of 1,459 out of 4,510), while 50% of organizations report they do not regularly assess all vendors due to challenges in resources, technology, and expertise.

These findings underscore the need for organizations to elevate their focus on monitoring, vendor assessments, and enhancing collaboration to mitigate the evolving risks posed by third-party relationships.

Brendan Conlon, Global Director of Supply Chain Defense at BlueVoyant, explains: “As information security as an industry continues to mature, there will be more focus on the tighter integration of multiple aspects of security operations. This means that third-party cyber risk will inevitably be folded into day-to-day SOC operations and wider risk management programs.”

Currently, BlueVoyant offers a robust, cloud-native security operations platform that delivers real-time threat monitoring across networks, endpoints, and supply chains—extending to the clear, deep, and dark web. By combining cutting-edge AI technology with expert human analysis, the platform provides comprehensive protection and rapid threat mitigation, ensuring enterprise-level cybersecurity.

Source – BlueVoyant
