Lessons Learned from the Global Year in Breach: Supply Chain Cybersecurity Risk is Swamping …

The headlines have been about supply chain risk for a while now. Here are some stats on the extent of the problem…:

[…] A cycle that many experts have been warning about has kicked into high gear in 2021: increasing third party and supply chain related cybercrime. Years of data breaches have provided cybercriminals with abundant fuel for cyberattacks ranging from business email compromise to credential stuffing. A booming cybercrime-as-a-service gig economy is also enabling growth for dark web operations from targeted database hacking to outsourced phishing operations. Add in the vast amount of information that bad actors have to choose from in crafting their operations (22 million new records landed on the dark web in 2020), and you’ve got a nasty stew that’s very appetizing to cybercriminals, but very bad for businesses. Over 90% of US businesses experienced a cybersecurity incident like a data breach in 2020 because of a third party or supply chain fault, and worldwide more than 60% of data breaches were the result of exposure through a third party.

[…]

Original article