Skip to main content
HomeTopicsSoftware Supply Chain

Software Supply Chain

Cybersecurity statistics about software supply chain

Showing 1-20 of 24 results

Software supply chain compromises accounted for 3% of cybersecurity intrusions investigated.

Google Cloud5/27/2026

Organizations that get verifiable transparency data from vendors see 64% quicker implementation of new technology.

Manifest5/27/2026
TransparencyVendor Risk

60% of organizations generate SBOMs.

Manifest5/27/2026
SBOMSoftware Security

More than half of organizations that generate SBOMs are not actually consuming or managing them in practice.

Manifest5/27/2026
SBOMOperational Management

50% of organizations adopt new library versions within 24 hours of release

DataDog5/27/2026
DevSecOpsDependency Management

63% of respondents that prioritize SBOM validation say they're highly prepared to evaluate third-party software.

Black Duck1/1/2026
Third-Party Software SecuritySBOM Validation

47% of retail executives reported having very low to moderate visibility into their software supply chain.

LevelBlue11/16/2025
RetailSoftware supply chain

73% of security leaders reported receiving at least one notification of a software supply chain vulnerability or incident within the past year.

Cobalt7/31/2025
Supply chain riskSoftware supply chain

67% of European organizations are investing in enhanced software supply chain security, which is the highest of all regions.

LevelBlue7/9/2025
Software supply chainEurope

In North America, the top three risks for organizations are third-party software distribution channels (49%), third-party risk management (48%), and unsupported software (48%).

LevelBlue7/9/2025
Software supply chainNorth America

80% of organizations that report very low visibility across the software supply chain have suffered a security breach in the past 12 months.

LevelBlue7/9/2025

Only 25% of organizations plan to prioritize engaging with software suppliers about security credentials in the next 12 months.

LevelBlue7/9/2025

Only 23% of organizations are confident that they have very high visibility of their software supply chain.

LevelBlue7/9/2025

The 6% of organizations with "very high visibility" of their software supply chain are a stark contrast to the 80% with "very low visibility" who suffered a breach.

LevelBlue7/9/2025

44% of organizations in APAC say they are prepared for software supply chain attacks.

LevelBlue7/9/2025
Software supply chainAPAC

In Europe, 51% of organizations say they are prepared for software supply chain attacks.

LevelBlue7/9/2025
Software supply chainEurope

80% of organizations with low visibility of their software supply chain view critical factors like custom code, commercial off-the-shelf software, and API integrations as "very risky" or "somewhat risky".

LevelBlue7/9/2025

About half (49%) of companies say they lack the visibility to fully understand – or even identify – software supply chain risks.

LevelBlue7/9/2025

Despite high investment in enhanced software supply chain security, Europe ranks lowest at 23% in prioritizing engaging with software suppliers about security credentials

LevelBlue7/9/2025
Software supply chainEurope

In Latin America, 50% say they are prepared for software supply chain attacks.

LevelBlue7/9/2025
Software supply chainLatin America