Juniper Research estimates that the total cost of software supply chain cyberattacks to businesses will exceed US$80.6 billion globally by 2026, up from US$45.8 billion in 2023. This growth of 76% reflects increasing risks from absent software supply chain security processes, and the rising complexity of software supply chains overall.
The new study, Vulnerable Software Supply Chains Are a Multi-billion Dollar Problem, highlights the need for greater emphasis on the software elements of the supply chain as a critical security vulnerability. The study analysed how both shifts in wider cybersecurity processes, and the mindset around the management of the software supply chain are needed to address these risks.
“The software supply chain has been neglected over the years as a source of risk, leading to a situation where organisations face significant issues if they cannot change the way they operate,” said Nick Maynard, report author and head of research at Juniper Research.
“As software supply chains become more complex, the problem becomes exponentially more complicated, requiring immediate attention to resolve, through regulations, SBOMs (Software Bills of Materials), embedded security, and cybersecurity solutions.”
Nick Maynard
BlackBerry CISO Arvind Raman says enhancing the security of software supply chains is critical for national security and for building a trusted digital world. He stresses that software supply chain security practices must be adopted by all industries.
The study also examines the importance of software supply chains across several verticals, including, financial services, government, automotive, and healthcare, making the study vital reading for key stakeholders in those high-risk industries.