Supply chain delays put enterprises on ransomware risk alert

New research reveals majority of large businesses can’t replace unsupported hardware, leaving potential vulnerabilities exposed.

The continued global supply chain disruption is putting enterprises at increased risk from the likes of ransomware attacks, according to new research from Citrix.

The new study, based on a poll of 200 IT security decision makers in UK businesses employing over 250 people, explored the current supply chain landscape and its potential cyber-security implications.

It has revealed that four in five (80%) security leaders believe that supply chain issues or delays have put their organisation at increased risk from ransomware - for example, by being unable to replace unsupported hardware. A further 70 per cent believe their organisation is being specifically targeted by cyber-attackers in order to gain access to external systems and data, such as those in government or private enterprises.

While nearly two thirds (62%) of organisations aim to refresh their hardware stack - including servers, networking equipment, data centre racks, laptops, smartphones, and tablets - at least annually, 70 per cent admitted supply chain issues have delayed these attempts.

Such delays have resulted in around two in three (63%) effected organisations relying on devices within their IT architecture after their manufacturer support period has ended. Over half (57%) of IT security leaders impacted by the delays admitted they could be relying on devices whereby the support period expired up-to a year ago.

Many organisations may be reliant on unsupported hardware, yet IT security leaders are bullish about their level of protection. Indeed 93 per cent reported feeling confident in their organisation’s contingency plans to deal with failures caused by unsupported hardware - for example, plans for rapid migration to the cloud, to counter zero-day exploits that expose new attack surfaces.

“The global supply chain crisis has had significant knock-on effects across all industries, with security leaders now feeling the impact as they seek to safeguard their organisations,” Chris Mayers, chief security architect, Citrix, said.

“With key infrastructural hardware like networking and data centre equipment underpinned by software, some of which is now unsupported, it’s critical that enterprises have a clear and robust networking perimeter. Built on a foundation of a virtualised cloud, such an architecture enables enterprises to contain new attacks and prevent the spread of the likes of malware and ransomware,” Mayers added.

Data privacy regulation a top three challenge for IoT adopters.
VMware Carbon Black Workload for AWS delivers comprehensive visibility and security across on-premises and cloud environments for AWS customers.
Fears over employees ignoring security advice and ransomware attacks evolving beyond company capabilities outweigh personal job security.
New MDR service uniquely combines Cortex XDR technology with Unit 42’s advanced threat intelligence and threat hunting.
New Claroty xDome empowers enterprises to both modernize and protect the continuity of the cyber-physical systems that sustain our lives.
Half (50%) of IT leaders cite too much bureaucracy and process overload as a key barrier to employees being able to focus on their core role.
AI-Powered malware prevention, detection, and response for industry-leading cloud object storage service.
Gigamon, a leading deep observability company, has launched its first State of Ransomware 2022 and Beyond report aimed at providing insights into how the threatscape is evolving and how the severity of the ‘blame culture’ in cybersecurity is escalating.