Fully 97% of businesses have been affected by a cybersecurity breach in their supply chain, according to a study by cybersecurity firm BlueVoyant, as Fox Business reports. Plus 93% of firms said that lapses in their supply chain had caused them to undergo a direct cybersecurity breach.
Adam Bixler, global head of third-party cyber risk management at BlueVoyant, called breaches “still staggeringly high.” The study was performed by independent research organization Opinion Matters. Respondents included 1,200 IT executives in organizations with headcounts of more than 1,000, from various industries in the United States and abroad.
Driving home the risks, a separate study by cybersecurity firm Randori finds that one in 15 organizations are running vulnerable versions of SolarWinds software, which last year was at the center of one of the biggest hacks in history, as VentureBeat reports. And half of organizations are running versions of other software that Randori deems tempting to hackers, such as Cisco’s ASA firewall and Citrix NetScaler, according to the study.
On the other hand, IT budgets are projected to grow at their quickest clip in more than a decade, according to a Gartner study and as reported by The Wall Street Journal and others. The research and advisory firm surveyed nearly 2,400 chief information officers and tech executives in a range of industries. Respondents forecast a 2% increase in IT budgets for 2021 and another 3.6% growth next year.
Two-thirds of IT executives surveyed said they will boost their cybersecurity budgets. Gartner research vice president Monika Sinha told the Journal that CIOs were also spending on tech to make businesses more adaptable.
Government IT managers, meanwhile, are perhaps surprisingly upbeat, a BeyondTrust study finds, as GCN reports. Of 200 senior IT and security professionals polled from the public sector, 96% said they have enough funding to meet their cybersecurity budgets.
“While the findings of this report support an optimistic outlook, cybersecurity processes and technologies must adapt to what attackers are doing in the future, not just what is occurring today,” the study finds.