More Than 70% of Singapore Organisations Were Negatively Impacted by a Cyber Security Breach Within Their Supply Chain in the Past Year

November 4, 2024

Survey indicates organisations in Singapore are superior to global benchmarks in several areas of third-party risk management, including fewer negative impacts from breaches with 71% affected compared to 81% globally

SINGAPORE, 5 November 2024 — BlueVoyant, an industry-leading cyber defence company, today released its fifth annual global survey into supply chain cyber risk management. The Singapore results show that reducing supply chain cyber risk remains a persistent problem with more than 70% of organisations reporting an average of 3.97 breaches impacting operations this year.  

This year’s study indicates that organisations in Singapore are making progress in enhancing their cyber security efforts with the data showing increasing board oversight, growing budgets, and rising third-party monitoring frequency reflecting a positive shift compared to last year’s figures. An average of 4.42 reported breaches in 2023 now decreased to 3.97 in 2024.  

Outperforming global figures, Singapore organisations also reported greater awareness, with only 24% indicating no way of knowing issues with third parties, compared to the global average of 30%. Showing evidence of a of greater focus to monitor vendors, Singaporean enterprises are reportedly more diligent in assessing vendors, with 59% doing so compared to 50% globally. Continuous visibility into third-party risks is reportedly higher at 21%, compared to 15% globally. 

Key findings from Singapore organisations include:  

  • Third-party monitoring is a growing priority. While Singapore respondents reportedly evaluate fewer suppliers for cyber security risk, with 43% saying they are focusing on 101-500 vendors, they are more likely to say they monitor all third parties (33% compared to 30% globally). 
  • Continuous monitoring is the most common reported solution for third-party cyber security in Singapore, adopted by 30% of organisations, slightly ahead of network scanning and penetration tests (29%). Singapore’s respondents are also more inclined to report outsourcing the analysis of monitoring data (34%). 
  • Monitoring frequency is on the rise. Organisations in Singapore are proactive in monitoring cyber security risks, with monthly assessments reportedly being the norm (28%). Senior management is reportedly mostly briefed semi-annually (27%), with a higher frequency of weekly (7%) and monthly (16%) briefings compared to global figures. 
  • While 44% or organisations maintain periodic autonomous transparency/visibility of certain aspects of cyber risk management, 35% said they have no way of autonomously seeing the cyber risk posture of third parties and rely on self-reporting. 
  • Budgets for third-party cyber risk management have increased for 90% of Singapore respondents, surpassing the global average of 86%. 
  • Concern over recent breaches. Almost 50% (47%) of Singapore organisations indicated the news of breaches over the past 12 months (ex. MOVEit and other large supply chain cyber security breaches) are likely to lead to an increase in budget for additional internal and external resources to help protect against supply chain cyber security issues. 

“Although the data demonstrates that local organisations are prioritising monitoring of third parties, supply chain breaches will continue to remain a significant concern in Singapore,” said Sumit Bansal, vice president Asia Pacific and Japan at BlueVoyant. “As one of the most digitally advanced nations in the Asia Pacific and Japan region, Singaporean organisations increasingly rely on external vendors and partners to support their operations, and one weak link can expose entire networks to potential compromise. While challenges remain, the progress made over the past year is encouraging and reflects a deeper awareness of the importance of securing digital infrastructure and foster closer collaboration with supply chain partners to stay resilient.” 

Joel Molinoff, global head of Supply Chain Defence at BlueVoyant added: “More organisations than any previous year indicated that their primary focus is no longer on awareness of the third-party risk management problem or adoption of a program, but rather with the operational, day-to-day challenges of managing an effective program. While this progress also brings many new challenges, it indicates a major step in the right direction when contrasted with previous years where many organisations had poor tracking of third-party vendors, little to no leadership oversight, and virtually no collaboration when it came to remediating cyber issues.”  

The study was carried out by an independent market research organisation, Opinion Matters, who surveyed 2,100 -suite leaders responsible for supply chain and cyber risk management across a range of industries. To gain a global perspective, the research was conducted in 11 countries across North America, Europe and Asia Pacific. 

Learn more about the full report: "The State of Supply Chain Defense: Annual Global Insights Report 2024," including analysis across countries and vertical sectors. 

About BlueVoyant  

BlueVoyant delivers a comprehensive cloud-native security operations platform that provides real-time threat monitoring for networks, endpoints, and supply chains, extending to the clear, deep, and dark web. The platform integrates advanced AI technology with expert human insight to offer extensive protection and swift threat mitigation, ensuring enterprise cyber security. Trusted by more than 1,000 clients globally, and the 2024 Microsoft Worldwide Partner of the Year, BlueVoyant sets the standard for modern cyber defence solutions.