As another huge bomb hits the cybersecurity world in the form of the recent Microsoft Exchange hack, it’s a good time to take a look at third-party and supply chain risk to see how it can impact businesses and how it can be mitigated. Over 90% of US businesses experienced a cybersecurity incident like a data breach in 2020 because of a third party or supply chain fault.
It’s important to prepare for this risk because it’s less of a possibility and more of an eventuality in today’s ever more connected world. Those connections are one of the reasons why it has ramped up so steadily. As more and more information about people and businesses accumulates in dark web markets and data dumps, that provides fuel for cyberattacks that perpetuate the cycle, feeding the market. More than 60% of the information available now on the Dark Web could damage businesses, and data breaches exposed 36 billion records in just the first half of 2020.
More than 60% of data breaches are a result of exposure through third party or supply chain risk. Unfortunately, any business partner, supplier, or service provider with sloppy cybersecurity practices can put an innocent business at risk by doing things that make it easy for data to walk out the door, like the 17% of companies that have all of their sensitive files accessible to all of their employees – or the 41% of US companies that allow employees unrestricted access to sensitive data.
Also included in that risk calculus, the siren song of making money on the dark web in a challenging economy has increased the possibility of data being snatched for nefarious purposes. An estimated 30% of data breaches involve internal actors with ill intent, including employees moonlighting by selling data or access on the Dark Web.
2020 was not a friendly year for businesses when it came to cybersecurity, especially in the supply chain. About 80% of firms responding to a recent survey said that they’d experienced an increase in cyberattacks in 2020. Supply chain cybersecurity risk warnings increased right along with surging cybercrime, up by 80% in Q2 2020 alone. Two in five SMBs were impacted by a cyberattack in 2020.