[ad_1]
The new report by Trend Micro“EVERYTHING IS CONNECTED: Uncovering the ransomware threat from global supply chains”, Points out that 8 out of 10 IT managers in Italy are worried about their partners and customers. The reason is obvious: the 57% of respondents say they have seen at least one other company in their supply chain victim of a cyber attack.
In short, the supply chain is one of the weak points with regard to IT security, and the fact that the business fabric of the Bel Paese is mainly composed of SMEs, potentially more vulnerable than more structured realities, does not lead to optimism.
The supply chain is one of the critical points for cybersecurity. Trend Micro analysis
Trend Micro’s research, carried out by Sapio Research and based on a sample of 2,958 IT Decision Makers in 26 countries (100 of which in Italy) focuses on the problem of supply chain cybersecurity. Indeed, a company may have the best possible defenses and the best experts, but today the world is heavily interconnected and an attack on one customer or partner can also affect other companies in the supply chain.
The main threat is that of ransomware, now detected in one in four cyber incidents. “57% of Italian companies have seen at least one other organization within their supply chain be hit by a ransomware attack and this puts their systems potentially at risk of compromise“, explains Alessandro Fontana, Head of Sales of Trend Micro Italia. “However, many do not take steps to improve partner cybersecurity. The first step to mitigating these risks must be greater visibility and control over the ever-expanding digital attack surface“.
The main danger is that of ransomware, now detected in one in four cyber incidents, and constantly growing, also due to the Ransomware-as-a-Service services offered by some criminal groups. A real crime industry, which exploits the weaknesses of companies.
According to Trend Micro analyzes, in fact, with the growth of investments in digital, the area of the perimeter to be defended has increased. However, companies have not invested in cybersecurity in the same way, promoting productivity. And putting not only themselves, but also partners and customers at risk.
Another aspect of concern is the lack of information sharing: only 51% of companies share data on ransomware attacks with their suppliers, moreover, 37% declare that they do not inform partners about the threats. The reason, however, is not necessarily to be found in the desire to hide the criticality of one’s situation: according to Trend Micro, the cause could also be the fact that many companies do not have information to share. In the sense that in some cases they do not know they have suffered an accident.
According to the report, in fact, the detection rates in Italy are very low: 54% for ransomware, 44% for data exfiltration, 41% for initial access to systems, 35% for using tools such as PSexec or Cobalt Strikle and 29% for lateral movement within infrastructure.
.
[ad_2]
Source link
