Blackberry has published its findings from a survey of around 1,500 IT leaders in the U.S., the U.K., and Australia. A major observation is that four out of five organizations have been made aware that they’ve suffered from a supply chain vulnerability or attack in the past twelve months. Out of the organizations who were notified, 58 percent also experienced operational disruptions or data loss, 55 percent experienced intellectual property loss, 52 percent experienced reputational loss, and 49 percent experienced financial loss. Furthermore, 37 percent of those organizations needed up to a month to recover while 10 percent required up to three. The survey also exposed the lack of confidence these leaders have in open-source software, with 30 percent saying they had “least confidence” in that part of their supply chain.

“Unknown components, and a lack of visibility on the software supply chain, introduce blind spots containing potential vulnerabilities that can wreak havoc across not just one enterprise, but several, through loss of data and intellectual property, and operational downtime, along with financial and reputational impact,” said BlackBerry Vice President for Product Security, Christine Gadsby. “How companies monitor and manage cybersecurity in their software supply chain must rely on more than just trust.” Read more at Blackberry.