Third-Party Risk Brings Danger to Your Door Daily
Even if you’re making all the right cybersecurity moves, can you be certain that every organization that your business has a relationship with is doing the same thing? 98% of organizations have had a threat arrive at their doorstep because of a data breach or security incident a third party or supply chain source in the last 12 months – and that’s a vector for incoming cyberattacks that you may not even know about.
Third-party and supply chain risk can come from any vendor or service provider that you do business with. Are you outsourcing file transfers or information storage? That’s how more than a dozen universities were hacked using information gained in a breach at transference and collaboration specialist Accellion. Using specialized software for fundraising? Hundreds of leading charitable organizations and trusts were too – and many of them were hacked because of a data breach at software provider BlackBaud.
No business can exist without others. Any organization that has information about your business could be putting your systems and data at risk. As the world becomes more interconnected and cloud-based, that risk is growing every year. New cyberattacks fueled by dark web data are adding to that risk too. At the start of 2020, an estimated 65% of the information already on the dark web could harm businesses, and 22 million more new records were added by the end of that year.
Reduce your company’s chance of damage from a third party or supply chain based attack by taking a few simple precautions. Add multifactor authentication to every account – Microsoft says that it stops 99% of password-based attacks. Increase phishing resistance training too. Much of the data that bad actors gain is used for spear phishing. Dark web monitoring helps reduce risk too by alerting you if any of your company’s protected credentials are exposed.
How about some good news? By following these tips, you’re not just increasing your company’s protection against third party and supply chain risk. You’re also boosting your organization’s overall cybersecurity posture against many other damaging risk like ransomware and account takeover as well as increasing your cyber resilience – and that delivers you some much-needed peace of mind.