As multi-tier supply chains become more complex, sourcing requirements and production processes are dispersed globally to maximize economic efficiency. Most businesses find it difficult to evaluate vendor risks beyond their primary suppliers. This leaves them vulnerable to risk factors related to the numerous tiers of sub-suppliers. The dangers can range from the acquisition of a key component supplier by a foreign firm to the introduction of unethical business practices by bad actors. This article at Dark Reading by Robert Lemos discusses the vendor risks that most businesses fail to identify.
Cyentia Institute Report on Vendor Risks
Per a report by Cyentia Institute, organizations that do not prepare for vendor risks are placing themselves in danger of multiparty breaches. For instance, a single compromise can snowball into breaches affecting up to 800 organizations.
According to the report, an average large breach affected 31 organizations and cost $90 million. Meanwhile, ransomware and wiper incidents caused the most losses, accounting for 44% of all recorded losses, according to Cyentia. System intrusions accounted for the highest number of organizations impacted (57%). Per John Sturgis, data scientist at Cyentia, businesses should make a greater effort to ensure their suppliers and contractors cannot enter their networks through a backdoor.
Why It Is Important to Tackle Vendor Risks
Sturgis also says, “Even if you never thought about being targeted directly by a nation-state actor, thinking about it through a lens of what providers do I have that could be targeted, and how can I manage my exposure even within my third parties is a real valid and tractable problem to try and engage in?”. As a result of the multiparty breaches, businesses are focusing on attack targets as part of their cybersecurity and risk mitigation efforts. Wade Baker, the founder of Cyentia, recommends businesses do more than just superficially vet vendors’ security.
Furthermore, the author lists the top security breaches and their statistics.
To read the original article, click on https://www.darkreading.com/attacks-breaches/damages-escalate-rapidly-in-multi-party-data-breaches