BlueVoyant Research Reveals Supply Chain Cyber Risk Remains Overlooked by Singapore Organisations Despite Increased Cyber Threats
Study unveils respondents in Singapore experienced negative impacts from more than 4 third-party related breaches, in the past 12 months, disrupting operations, and highlighting the growing threat
SINGAPORE, December 8, 2023 — BlueVoyant, a cyber security company that illuminates, validates, and mitigates internal and external risks, today released the findings of its fourth annual global survey into supply chain cyber risk management. The research reveals supply chain cyber security risk management is not a priority for more than 50% of respondents in Singapore despite an average 4.42 breaches reported to be negatively impacting operations this year. More alarmingly, almost a third of respondents reported between 6 and 10 breaches in the last 12 months.
The 2023 global study reveals that the number of cyber breaches targeting organisations’ supply chains continues to rise, with an average 4.16 breaches reported to be negatively impacting operations this year — a 26% increase from the mean number of 3.29 breaches in 2022.
While breaches are causing increased scrutiny from boards of directors (45% compared to 39% globally), Singapore respondents were the least likely to report a budget increase (83% compared to 85% overall). The survey revealed that, despite increased cyber security scrutiny, budgets for external resources in Singapore were less likely to be increased.
On a positive note, Singapore organisations surveyed demonstrated strong third-party cyber risk management (C-TPRM) practices. A significant 51% reported monitoring their supply chain cyber security monthly or more, even in real-time, surpassing the global average of 47%. Additionally, only 13% claimed they had no means of knowing if an issue arose with a third party, compared to 26% globally. Notably, these organisations were less likely to rely on third parties for ensuring adequate security, with 43% against the global average of 47%.
However, challenges persist, as Singapore respondents reported a higher mean number of breaches (4.42 compared to the global average of 4.16). Despite heightened monitoring, only 39% reported briefing senior management monthly or more, falling behind the global average of 44%.
Key insights from the survey include:
- Budget Constraints: Despite heightened scrutiny, only 46% of Singapore respondents reported an increased likelihood of budget allocation for internal resources, compared to 51% globally. Similarly, only 40% reported an increased budget for eternal resources, compared to 46% globally.
- Increased Cadence of Risk Monitoring: Continuous monitoring emerged as the most utilised solution for monitoring supply chain risk for respondents in Singapore with 29% adoption, although this was slightly lower than the global average of 31%.
- Communication with Suppliers: More than half (54%) of Singapore respondents reported they inform suppliers about cyber security issues and hope they fix it. However, these respondents were less likely to work with suppliers to ensure the resolution of identified problems.
“Attacks targeting external vendors and partners are a constant threat,” said Joel Molinoff, BlueVoyant's global head of Supply Chain Defense. “Our data suggests that the scope of the problem is increasing, with more enterprise vendors and suppliers falling prey to cyber-attacks. Enterprises recognise the issue but the standard approach to third-party risk management is proving inadequate. Companies now need to focus energies on methods that proactively illuminate and reduce supply chain risk.”
Of the report, said Brendan Conlon, chief operating officer for BlueVoyant’s Supply Chain Defense said: “Singapore has established itself as a dynamic global hub in the APAC region fostering innovation and accelerating digitisation. This research reveals that supply chain attacks will continue to be one of the biggest threats to enterprises in Singapore. With a never-ending flow of headlines and regulatory requirements demanding attention to supply chain cyber risk, it is hard to ignore the importance of getting the proper defenses in place. Enterprises should examine their current approaches and identify areas for greater efficiency and continuous coverage — not only in detecting emerging vulnerabilities and risk, but also in quickly remediating threats hand-in-hand with impacted third parties.”
The study was conducted by independent research organisation Opinion Matters and recorded the views and experiences of 2,100 chief technology officers (CTOs), chief security officers (CSOs), chief operating officers (COOs), chief information officers (CIOs), chief information security officers (CISOs), and chief procurement officers (CPOs), with 300 respondents across Singapore including 600 respondents across APAC from Australia, Singapore and the Philippines, in organisations with more than 1 000 employees across a range of industries. It covered 11 countries across North America, Europe, and Asia Pacific. The 2022 research was also conducted by Opinion Matters.
Learn more about the full global BlueVoyant research report: "The State of Supply Chain Defense: Annual Global Insights Report," including analysis across countries and vertical sectors.
BlueVoyant combines internal and external cyber defense capabilities into outcomes-based, cloud-native cybersecurity solution by continuously monitoring your network, endpoints, attack surface, and supply chain, as well as the clear, deep, and dark web for threats. The full-spectrum cyber defense products and services illuminate, validate, and quickly remediate threats to protect your enterprise. BlueVoyant leverages both machine-learning-driven automation and human-led expertise to deliver industry-leading cybersecurity to more than 900 clients across the globe.
BlueVoyant Press Contact: