< Back to Blog
Compromised Credentials Affect 44% of Companies in Supply Chain, Research Finds
Panorays News

Compromised Credentials Affect 44% of Companies in Supply Chain, Research Finds

By Yaffa Klugerman Feb 09, 20222 min read

Panorays reveals findings from its annual Third-Party Cyber Gap report

New York, February 9, 2022 – Panorays, a leading provider of third-party security risk management software, has today identified the top five most common cyber gaps among third-party organizations over 2021. Analyzing data gathered from cyber posture evaluations of tens of thousands of vendors across various industries, Panorays pinpointed “compromised credentials” as among the most common issues impacting supply chain security, with 44% of companies affected. 

Other common cyber gaps this past year include:

  • Significant web assets not protected by Web Application Firewalls (WAF) (48% of companies affected)
  • Unpatched web servers with severe vulnerabilities (37% of companies affected)
  • Vulnerable default CMS configuration (33% of companies affected)
  •  Insufficient security team personnel (33% of companies affected)

While it maintains a position in Panorays’ Top 5 Cyber Gaps list, the patching cadence of web servers is improving. Indeed, unpatched technologies impacted over half of companies (52%) in 2019, compared to 40% in 2020 and 37% today. Meanwhile, failure to implement basic protection for websites and apps through WAF has remained consistent over the years. The costs of doing so, as well as the difficulty of configuring and maintaining WAF, could be to blame. Finally, the results indicate that insufficient security team personnel continues to be a problem, as the percentage of companies impacted has risen slightly from 31% to 33% since 2020.

Get the best third-party security content sent right to your inbox

Thanks for subscribing!

“It is reassuring to see security teams taking greater initiative to patch their servers in a timely manner, and it’s a trend we hope to see continue in the years to come, particularly in light of the recent Log4j disclosure. Nevertheless, we still have a ways to go in safeguarding our supply chains. The persistence of cybercriminals, an expanding set of security responsibilities tied with a shortage of talent, makes for a perfect storm,” said Giora Omer, Chief Architect at Panorays, who authored the report. “Yet the silver lining is that most of the common issues that crop up time and again simply require companies to follow basic cyber hygiene and best practices. The challenge that comes with tackling cyber gaps in the supply chain is not necessarily the issue itself, but the abundance of issues that make it difficult for the organization and partners to keep track.”

Panorays addresses the challenge of visibility by combining automated, dynamic security questionnaires with external attack surface assessments and business context to provide organizations with a rapid, accurate view of supplier cyber risk. The company further enables easy collaboration between companies and suppliers through in-app engagement tools.

Click here to download the full report.

About Panorays

Panorays is a rapidly growing provider of third-party security risk management software, offered as a SaaS-based platform. The company serves enterprise and mid-market customers primarily in North America, the UK and the EU, and has been adopted by leading banking, insurance, financial services and healthcare organizations, among others. Headquartered in New York and Israel, with offices around the world, Panorays is funded by numerous international investors, including Aleph VC, Oak HC/FT, Greenfield Partners, BlueRed Partners (Singapore), StepStone Group, Moneta VC, Imperva Co-Founder Amichai Shulman and former CEO of Palo Alto Networks Lane Bess. Visit us at www.panorays.com.

Author Thumbnail
Yaffa Klugerman

Yaffa Klugerman is Director of Content Marketing at Panorays. She enjoys writing about the cyber world, drinking too many cappuccinos and arguing about the use of serial commas.

You may also like...
6 Benefits of Panorays' Free Plan
Jan 26, 2022 6 Key Benefits of Panorays’ Starter Plan Hunter Markman
Free starter plan
Jan 26, 2022 Panorays Launches Complimentary Offering to Enable Organizations to Begin Managing… Yaffa Klugerman
Gartner
Dec 16, 2021 Panorays named in 2021 Gartner® Hype Cycle™ for Cyber and… Hunter Markman
Get Started Free
We use cookies to ensure you get the best experience on our website. Visit our Cookie Policy for more information.
Get our latest posts straight to your inbox Subscribe