While companies prepare to defend against emerging cyberthreats, a new report found that CIOs should be extra vigilant against the possibility of supply chain attacks.

A new study from Crowdstike found that nearly 80% of respondents believe supply chain attacks have the potential to become one of the biggest cyberthreats facing the enterprise over the next three years.

SEE: Cybersecurity in 2018: A roundup of predictions (Tech Pro Research)

These attacks seem to be becoming increasingly common. The report found that two-thirds of respondents experienced an attack against their supply chain within the last year.

According to the report, nearly 90% of respondents believe they are currently at risk for a supply chain attack.

Supply chain attacks are both costly and timely. The report found that, on average, supply chain attacks cost organizations $1.1 million. For US companies however, the average cost per attack is $1.27 million.

The report found that supply chain attacks can take organizations up to 63 hours to detect and remediate. US organizations averaged a 12-hour response time, ahead of their counterparts in other regions that averaged 15-hour response times.

Similarly, the report stated that US organizations could resolve supply chain attacks in 22 hours, ahead of the global average of 25.

CrowdStrike’s vice president of product marketing, Dan Larson, encouraged organizations to consider investing in effective prevention, detection, and response technologies to defend against these risks.

“It’s clear that supply chain attacks are becoming a business-critical issue, impacting topline relationships with partners and suppliers but organizations largely lack the knowledge, tools, and technology to be protected,” Larson said in the report. “Knowledge gaps and the lack of established standards to prevent complex supply chain attacks are putting organizations at risk from a financial, reputational, and operational perspective.”

The big takeaways for tech leaders:

  • As cybersecurity threats continue to grow, new reporting from Crowdstrike found that supply chain attacks are expected to increase within the next three years.
  • Two-thirds of respondents to a Crowdstrike survey reported that they dealt with a supply chain attack within the last year.