Many firms are working with risky third party vendors
Date:
Wed, 01 Feb 2023 20:39:12 +0000
Description:
More third parties means more potential trouble, as third party vendors are usually less secure, research finds.
FULL STORY ======================================================================
Despite having well-defended digital premises and endpoints, many firms are at risk of cyberattacks because they work with different vendors and third parties that aren't as secure.
This is according to a new report from cybersecurity ratings firm SecurityScorecard, which analyzed more than 235,000 organizations worldwide, as well as 73,000 vendors and products they use, to find that virtually all firms (98%) have vendor relationships with at least one third party that suffered a data breach in the last two years.
What's more, half of the organizations have indirect relationships (as in used by the third-party vendors) with at least 200 companies that suffered a cyberattack in the last two years.

F for security

For every third-party vendor in a supply chain, businesses usually have 60 to 90 times that number of indirect, fourth-party relationships, the researchers have found. With third parties being up to five times more likely to exhibit poor security, the risk quickly compounds.
Roughly a tenth (10%) of all third parties analyzed for the report were rated F for security.
Looking at different industries, the information services sector has an average of 25 vendors, while the finance sector has 6.5 on average.
Healthcare averaged 15.5 vendors, while insurance has 11. Each one poses a significant risk to the original organization.
Cybercriminals seem to be well aware of these facts, as supply chain attacks have lately become one of the most devastating forms of cybercrime. The SolarWinds attack, in which just one company had its software compromised, and which resulted in tens of thousands of organizations worldwide being affected, is probably the best example.
"An organization's attack surface spans beyond just the technology that they own or control," said Aleksandr Yampolskiy, co-founder and CEO of SecurityScorecard.
"Organizations need visibility into the security ratings of their entire third and fourth party ecosystem so that they can know in an instant whether an organization deserves their trust and can take proactive steps to mitigate risk."
======================================================================
Link to news story:
https://www.techradar.com/news/many-firms-are-working-with-risky-third-party-vendors
--- Mystic BBS v1.12 A47 (Linux/64)
* Origin: tqwNet Technology News (1337:1/100)