Firms vulnerable to digital ecosystem cyber threats

Businesses may not be sufficiently prioritising threats from vulnerabilities within the value chain, beyond the immediate boundaries of their own organizations, according to a survey by Tata Consultancy Services.

In its risk and cybersecurity study, 600 cyber executives across Europe and North America were asked about the most pressing cybersecurity issues facing large companies. Threats emerging from digital ecosystems ranked low as a concern by chief risk officers and chief information security officers.

When asked to rank where companies will see the greatest number of cyberattacks between now and 2025, ecosystem partners came in last place (10th). Only 16% of respondents ranked digital ecosystems as a concern when assessing expected cyber targets, and only 14% listed the risks from such ecosystems as the top priority arising out of board-level discussions.

Santha Subramoni, global head of cybersecurity at TCS, said: “Companies across the globe are increasingly turning to digital ecosystems of partners, vendors, and even competitors to reimagine and grow their business. Ignoring the threats originating from these ecosystems represents a blind spot which needs to be addressed urgently.”

“One way of reducing the probability of an attack within digital supply chains is to implement a ‘zero trust’ policy framework based on the principle of ‘never trust, always verify,’ applied not only to humans but also machines.”

Among other findings, the study also revealed that one in six respondents reported that their corporate board of directors considers issues related to cyber risk and security only 'occasionally, as necessary, or never'. Companies with higher-than-average revenue and profit growth are more likely to discuss cybersecurity at every board meeting.

    Share Story:


Modelling and measuring transition and physical risks
CIR's editor, Deborah Ritchie speaks with Giorgio Baldasarri, global head of the Analytical Innovation & Development Group at S&P Global Market Intelligence; and James McMahon, CEO of The Climate Service, a S&P Global company. April 2023

Cyber risk in the transportation industry
The connected nature of the transport and logistics industries makes them an attractive target for hackers, with potentially disruptive and costly consequences. Between June 2020 and June 2021, the transportation industry saw an 186% increase in weekly ransomware attacks. At the same time, regulations and cyber security standards are lacking – creating weak postures across the board. This podcast explores the key risks. Published April 2022.