The Impossible Puzzle of Cybersecurity, which reveals IT managers are inundated with cyberattacks coming from all directions as cybercriminals exploit weak links in security that are leading to supply chain (third party vendor) compromises. The survey polled 3,100 IT decision makers from mid-sized businesses in the US, Canada, Mexico, Colombia, Brazil, UK, France, Germany, Australia, Japan, India, and South Africa.
Based on the responses, it’s not surprising that 27 percent of Indian IT managers consider IoT threats while 21 percent consider internal staff as the top security risks. Alarmingly, only 24 percent of Indian IT managers consider supply chain as a top security risk, exposing an additional weak spot that cybercriminals will likely add to their repertoire of attack vectors.
“Cybercriminals are always looking for a way into an organization, and supply chain attacks are ranking higher now on their list of methods. IT managers should prioritize supply chain as a security risk, but don’t because they consider these attacks perpetrated by nation states on high profile targets. While it is true that nation states may have created the blueprints for these attacks, once these techniques are publicized, other cybercriminals often adopt them for their ingenuity and high success rate,” said Sunil Sharma, managing director sales, Sophos India & SAARC. “Supply chain attacks are also an effective way for cybercriminals to carry out automated, active attacks, where they select a victim from a larger pool of prospects and then actively hack into that specific organization using hand-to-keyboard techniques and lateral movements to evade detection and reach their destination.”