Supply chain delays put enterprises on ransomware risk alert

New research reveals majority of large businesses can’t replace unsupported hardware, leaving potential vulnerabilities exposed.

The continued global supply chain disruption is putting enterprises at increased risk from the likes of ransomware attacks, according to new research from Citrix.

The new study, based on a poll of 200 IT security decision makers in UK businesses employing over 250 people, explored the current supply chain landscape and its potential cyber-security implications.

It has revealed that four in five (80%) security leaders believe that supply chain issues or delays have put their organisation at increased risk from ransomware - for example, by being unable to replace unsupported hardware. A further 70 per cent believe their organisation is being specifically targeted by cyber-attackers in order to gain access to external systems and data, such as those in government or private enterprises.

While nearly two thirds (62%) of organisations aim to refresh their hardware stack - including servers, networking equipment, data centre racks, laptops, smartphones, and tablets - at least annually, 70 per cent admitted supply chain issues have delayed these attempts.

Such delays have resulted in around two in three (63%) effected organisations relying on devices within their IT architecture after their manufacturer support period has ended. Over half (57%) of IT security leaders impacted by the delays admitted they could be relying on devices whereby the support period expired up-to a year ago.

Many organisations may be reliant on unsupported hardware, yet IT security leaders are bullish about their level of protection. Indeed 93 per cent reported feeling confident in their organisation’s contingency plans to deal with failures caused by unsupported hardware - for example, plans for rapid migration to the cloud, to counter zero-day exploits that expose new attack surfaces.

“The global supply chain crisis has had significant knock-on effects across all industries, with security leaders now feeling the impact as they seek to safeguard their organisations,” Chris Mayers, chief security architect, Citrix, said.

“With key infrastructural hardware like networking and data centre equipment underpinned by software, some of which is now unsupported, it’s critical that enterprises have a clear and robust networking perimeter. Built on a foundation of a virtualised cloud, such an architecture enables enterprises to contain new attacks and prevent the spread of the likes of malware and ransomware,” Mayers added.

New dynamic reporting provides faster intelligence for making data-driven decisions and reducing cyber risk.
Trained on the world's richest threat intelligence, new detection and response capabilities proactively protect organizations against emerging adversary techniques.
Checkmarx has introduced Checkmarx API Security, the first true “shift-left” API security solution. Building on the launch of Checkmarx Fusion, which prioritizes and correlates vulnerability data from across different AppSec engines, Checkmarx API Security is delivered as part of the industry-leading application security platform Checkmarx One. The developer workflow-oriented solution inventories even shadow and zombie APIs as part of the most comprehensive inventory and remediation solution available to secure the entire API lifecycle.
Intended victim experienced no downtime despite attacker's persistence.
ConnectWise has published the 2022 findings of its annual State of SMB Cybersecurity report, revealing that the growing number of attacks are fueling investment in cybersecurity, particularly with managed service providers (MSPs). Key findings show nearly three-quarters (73%) of report respondents are in agreement that their organisation has reached a tipping point where cybersecurity concerns demand action.
HP Wolf Security report highlights the latest techniques and phishing lures targeting employees and putting companies at risk.
IGEL OS and the IGEL UD Pocket, bundled with expert resources including access to an IGEL Technical Relationship Manager, enables IT organizations to quickly regain control of malware affected devices and ransomware attacks to quickly restore productivity for end-users.
Burned out security teams fight back against geopolitically motivated attacks and lateral movement inside networks.