Enterprise Strategy Group

Cyber supply chain security may not be the sexiest topic, but it is one of the scariest, especially because it’s a major problem among critical infrastructure organizations—also known as the folks who keep the lights on, the water clean, and the trains moving.

In a new syndicated study, ESG surveyed 303 IT and cybersecurity professionals representing large midmarket  and enterprise-class organizations in the United States within 16 vertical industries designated as critical infrastructure by the U.S. Department of Homeland Security. The results of this study were not encouraging:

  • More than two-thirds of organizations dealing with critical infrastructure have experienced various cybersecurity incidents in the past two years. More than one-third of those attacks resulted in a disruption of a business process and/or critical operations.
  • A majority (60%) of critical infrastructure organizations believe that cyber supply chain security is much more difficult or somewhat more difficult than it was two years ago.
  • Only one in five cybersecurity professionals working at critical infrastructure organizations believe the U.S. cybersecurity strategy is extremely clear and thorough.

cybersecurity supply chain

The highest level takeaway? Things are tough and only getting tougher. To learn more about the state of cyber supply chain security and its future, check out the new report. And don't hesitate to contact us directly if you'd like additional insights into the research.

Download the free ESG Research Report by filling out the form: