59% of organizations faced a software supply chain attack

Image via Unsplash

A report by the Ponemon Institute found that 59% of organizations experienced a software supply chain attack, with 54% of these respondents having experienced one in the past year. This survey was conducted among 1,278 IT and IT security practitioners, with managers, directors and senior executives making up nearly half (49%) of the survey demographic.

28% of respondents state that a previously detected, unpatched open-source vulnerability was the cause of the software supply chain attack, while 23% report a zero-day vulnerability as the cause. Out of these organizations, 50% took more than a month to respond to the incident.

Responses from those surveyed suggests a lack of commitment (from organizations and/or executives) to mitigate the risk of malicious code/malware. Only 45% report that their organizations have a system in place for defending against malicious open-source packages, and only 39% believe that their senior leadership is highly dedicated to mitigating these risks in software supply chains.

ON DEMAND: In this webinar, Regina Lester, Vice President of Security & Safety Operations at Toledo Zoo, will share her insights on implementing security technologies in the entertainment sector and the challenges all organizations face — large and small — when it comes to balancing budget and security.