Skip to main content

ISACA report uncovers significant Supply Chain Security gaps in India and globally

 • Indian organizations seem to have a better clarity on various supply chain security gaps compared to other responding nations

55% expressed highest concern in ransomware threats among all potential supply chain risks

83% identified he need for better governance in the organization’s supply chain


ISACA® has just launched new global research results, Supply Chain Security Gaps: A 2022 Global Research Report that has divulged interesting threats and security gaps in the supply chain ecosystem globally. In India, just like many other developing economies, supply chain challenges have rocked both enterprises and consumers alike, making it harder to access certain goods and maintain business continuity. Increasing security threats have only heightened these concerns, and this ISACA survey report illuminates IT professionals’ key concerns around security challenges and how their organizations are responding to them.  It received responses from more than 1,300 IT professionals with pressing supply chain insights.  In the Indian market, the report findings cited the following supply chain risks as their key concerns:

Ransomware 55%

Hardware with embedded malware 44%

Third-party data storage 42%

Compromised software 42%

Software security vulnerabilities 40%

Poor information security practices by suppliers 32%

Third-party service providers or vendors with physical or virtual access to information systems, software code or IP 29%


“To advance digital trust, there needs to be a level of confidence in the security, integrity and availability of all systems and suppliers,” says David Samuelson, ISACA CEO. “As we have seen from previous incidents, customers do not differentiate between an attack on an element of your supply chain and an attack on your own systems. Now is the time to take swift and meaningful actions to improve supply chain security and governance.”

Additionally, the ISACA report demonstrates concrete data on overall supply chain security gaps and behavioural pattern within organisations. Some of the most striking results have been listed below –

 

87 Percent of the respondents in India feel their organization’s leaders have sufficient understanding of supply chain risks compared to 70 percent globally. 

About 56 percent indicate they have high confidence in the security of their organization’s supply chain

60 percent have high confidence in the access controls throughout their supply chain. 

Among all potential supply chain risks, 55 per cent of the respondents were concerned about ransomware threats

73 percent believe that organization’s supply chain issues will improve while 24 percent feel it will remain the same

More than 1 in 5 organisations (21 percent) experienced attacks on digital supply chain in the last 1 year

Almost 91 percent include cybersecurity and privacy assessments in their supplier assessment process

83 percent feel organization’s supply chain need better governance than what is currently in place

A much higher percentage of organizations in India say their risk assessments include supply chain assessments for IoT devices (83% in India compared to 51 percent globally) and AI (60 percent compared to 39 percent globally), compared to organizations in other countries.


"Key stakeholders – private enterprises, governments, supply chain institutions, and other associated third-party vendors will need to work closely to eradicate crucial supply chain security gaps,” says R V Raghu, Director at Versatilist Consulting India Pvt Ltd, and ISACA Ambassador. “It is imperative that there is a disclosure of open-source software components and threat and vulnerability analysis of key third parties involved and robust supply chain governance to ensure an effective IT supply chain security."

To read the full survey report and access additional resources on how organizations can enhance supply chain security and governance, visit www.isaca.org/supply-chain-security. ISACA also offers additional publications on the topic, including the How to Manage Supply Chain Risk ebook, as well as cybersecurity resources at www.isaca.org/resources/cybersecurity. 

 

About ISACA:  ISACA® (www.isaca.org) is a global community advancing individuals and organizations in their pursuit of digital trust. For more than 50 years, ISACA has equipped individuals and enterprises with the knowledge, credentials, education, training and community to progress their careers, transform their organizations, and build a more trusted and ethical digital world. ISACA is a global professional association and learning organization that leverages the expertise of its more than 150,000 members who work in digital trust fields such as information security, governance, assurance, risk, privacy and quality. It has a presence in 188 countries, including 225 chapters worldwide. Through its foundation One in Tech, ISACA supports IT education and career pathways for under resourced and underrepresented populations.


Comments

Post a Comment

Popular posts from this blog

Wearable Healthcare Devices pose a threat to human rights of old people: University of Essex study

Wearable healthcare devices, used to improve care, and the lives of old people, could be risking their basic human rights, according to new research report – ‘A Digital Cage is still a Cage’ – by UK-based University of Essex   Many wearable healthcare technologies pose acute risks to the right to privacy, which is particularly serious given that these technologies are used in people’s homes, including in bedrooms and bathrooms   Human Rights and privacy risks may increase as technologies become more sophisticated Researchers at UK-based University of Essex have warned that Digital technology used to improve care, and the lives, of old people could be risking their basic human rights. According to new research, although digital technologies can be used to improve social care, it can also adversely impact human rights and contribute to the segregation and isolation of old people. The report, ‘A Digital Cage is Still a Cage’, argues that emerging technologies used to mon
Post a Comment
Read more

SAEINDIA sets agenda for the future of mobility, with the First ever Sustainable Multimodal Mobility Conference - SIIMC 2022

·          SIIMC 2022 is the 10th Edition of the International Mobility Conference ·     The SAEINDIA International Mobility Conference (SIIMC 2022), will bring together the mobility ecosystem, with a phygital event to be held between Oct 12 and 14, 2022. ·          The conference will see participants presenting more than 180 papers and 543 abstracts on engineering innovations, focusing on promoting sustainable and multi-modal mobility in India and globally. ·          TechHive, a dedicated space for technology presentations and product demos/B2B stalls, will be the largest meeting point for mobility startups and investors, to converse and forge business partnerships . The country’s leading resource for mobility technology SAEINDIA (the Society of Automotive Engineers INDIA) , is back with the 10th edition of its flagship event SAEINDIA International Mobility Conference (SIIMC 2022), which is the first ever International Sustainable Multimodal Mobility Conference. The SIIMC 2022
Post a Comment
Read more

First-ever Graduation Ceremony in India to be held by University of Essex

  ·          UK’s University of Essex graduates and alumni from across India to attend first-ever Indian graduation ceremony. ·          Indian graduation ceremony in January 2023 to have all sense of occasion, excitement and fun which Essex graduation ceremonies are so well known for. ·          Open to all Indian alumni even if they attended their original ceremony in Colchester. UK’s University of Essex today announced that it will hold a special and first-ever graduation ceremony for its students in India. The prestigious ceremony will be held at the British High Commissioner's Residence in New Delhi and will be attended by recent graduates plus soon to graduate students, alumni, Essex Vice-Chancellor Professor Anthony Forster and the soon to be announced Indian Alumni of the Year. The first graduation ceremony is to be held in India, on 21 January 2023. Vice-Chancellor Professor Anthony Forster said: “I’m very much looking forward to sharing this unforgettable day with our
Post a Comment
Read more