
Therefore, it’s essential for offensive security pros to help decision-makers understand the real business risks these attacks bring on.

As a penetration tester or security consultant, identifying and reporting supply chain risk can set you apart, especially if you can explain the potential fallout in business terms. Additionally, Gartner estimates that, by 2025, 45% of organizations worldwide will experience attacks on their software supply chains. ENISA’s report on the threat landscape for supply chain attacks highlights that, in 66% of cases, malicious hackers focus on the supplier’s code, while in 62% of cases they rely on malware as the main attack technique. Each of these elements has various degrees of access to sensitive information, which a bad actor can use as an entry point in supply chain attacks.

According to the 2022 Software supply chain attacks report, 62% of organizations surveyed have been impacted by these threats.


Your organization is a connected network of vendors, software, and people that keep your business operational.
