According to BlueVoyant, 97 percent of UK firms had a supply chain breach in the previous year, up from 82 percent in 2020 and the second highest percentage internationally.
The security firm questioned 1200 C-level executives in the UK, US, Singapore, Canada, Germany, and the Netherlands who are responsible for managing risk in supply chains.
UK enterprises also had a higher-than-average percentage of supply chain problems: 59 percent had two to five supply chain incidents, compared to an overall average of 49 percent. The country’s average number of breaches increased from 2.64 in 2020 to 3.57 in 2021.
Perhaps predictably given these findings, under a quarter (27%) of UK respondents stated that third-party cyber risk is a top priority, compared to a global average of 42 percent.
This is despite the fact that budgets are increasing: third-party cyber risk management funds are expected to increase by 92 percent in 2021, up from 87 percent in 2020.
The statistics are becoming increasingly problematic as supply chains grow, adding complexity and potentially creating gaps in visibility and control. The percentage of enterprises reporting supply chains with more than 1000 partners increased from 8% in 2020 to 43% in 2021, implying that the typical vendor ecosystem in the UK currently has 3715 third parties, up from 1013 in 2020.
Two-fifths (39%) of British businesses indicated they had no method of knowing whether a cyber risk arises in a third-party provider, up from 34% in 2020.
BlueVoyant UK president James Tamblin suggested that because companies were compelled to locate new suppliers during the epidemic, they may have lost sight of cyber risk management.
“I would have expected enterprises to be concentrating immediately on mitigating third-party cyber risk, especially given that nearly all UK firms questioned had experienced a hack through their supply chain. This should set off alarms and compel rapid action,” he stressed.