New data shows cyber-attacks targeting software supply chains will cost the global economy US$80.6 billion annually by 2026

A new study from Juniper Research has found that the total cost of software supply chain cyber-attacks to businesses will exceed $80.6 billion globally by 2026, up from $45.8 billion in 2023. This growth of 76% reflects increasing risks from absent software supply chain security processes, and the rising complexity of software supply chains overall.

The new study, Vulnerable Software Supply Chains Are a Multi-billion Dollar Problem, highlights the need for greater emphasis on the software elements of the supply chain as a critical security vulnerability. The study analysed how both shifts in wider cybersecurity processes, and the mindset around the management of the software supply chain are needed to address these risks.

“The software supply chain has been neglected over the years as a source of risk, leading to a situation where organizations face significant issues, if they cannot change the way they operate,” said Nick Maynard, report author and Head of Research at Juniper Research.

“As software supply chains become more complex, the problem becomes exponentially more complicated, requiring immediate attention to resolve, through regulations, SBOMs (Software Bills of Materials), embedded security, and cybersecurity solutions.”

Arvind Raman, CISO, BlackBerry, said: “Enhancing the security of software supply chains is critical for national security and for building a trusted digital world. BlackBerry welcomes this study from Juniper Research, which outlines why software supply chain security practices must be adopted by all industries, and we are pleased to be recognised for our best-in-class security solutions that address this market need. BlackBerry has long been a champion of built-in security and a pioneer of cybersecurity, which is why we have earned the trust of organisations around the world.”

The study also examines the importance of software supply chains across several verticals, including, financial services, government, automotive, and healthcare, making the study vital reading for key stakeholders in those high-risk industries.