Story image

Third party risks ‘a serious risk’

04 May 16

Article by Narinder Purba, senior editor at ESET

Third party risks to organisations has been described as a “serious threat”, a new study by the Ponemon Institute and Shared Assessments as revealed.

The report, titled Tone at the Top and Third Party Risk, also found that most respondents believe that this particular threat is on the rise.

The main reason for this is down to “disruptive technologies”, the authors of the report were told.

Organsations said that they consider the widespread take-up of cloud-based services and the Internet of Things to increases third party risks.

“The threat landscape is constantly evolving, and as a result, third party risk is only going to increase,” commented Dr. Larry Ponemon, chairman and founder of the Ponemon Institute.

“It has become imperative for organisations to create formal programs for vendor risk management in order to avoid being compromised, and more importantly, business leaders need to set a strong example.”

The paper also found that a major problem within enterprises in this key area is that accountability appears to be lacking any direct responsibility.

Consequently, not having single individual or department in charge of managing third party risk leaves organisations more vulnerable to threats.

The authors of the report recommend that those in positions of authority within an enterprise should set a “positive tone” when it comes to third party risk mitigation.

Advantages of this approach include boosting awareness among third party vendors of the need for good cybersecurity policies, such as data protection.

Charlie Miller, senior vice president with the Shared Assessments Program, said: “The highest level of organisations, the board and C-Suite, need to better communicate their values across the enterprise, setting a positive tone and creating formal programs to mitigate this risk, ultimately helping companies to improve their risk management practices.”

What MSPs can learn from Datto’s Channel Ransomware Report
While there have been less high profile attacks making the headlines, the frequency of attacks is, in fact, increasing.
Cisco expands security capabilities of SD­-WAN portfolio
Until now, SD-­WAN solutions have forced IT to choose between application experience or security.
AlgoSec delivers native security management for Azure Firewall
AlgoSec’s new solution will allow a central management capability for Azure Firewall, Microsoft's new cloud-native firewall-as-a-service.
Kiwis losing $24.7mil to scam calls every year
The losses are almost five times higher compared to the same period last year, from reported losses alone.
How to configure your firewall for maximum effectiveness
ManageEngine offers some firewall best practices that can help security admins handle the conundrum of speed vs security.
Exclusive: Why Australian enterprises are prime targets for malware attacks
"Only 14% of Australian organisations are continuously training employees to spot cyber attacks."
Exclusive: Why botnets will swarm IoT devices
“What if these nodes were able to make autonomous decisions with minimal supervision, use their collective intelligence to solve problems?”
"Is this for real?" The reality of fraud against New Zealanders
Is this for real? More often than not these days it can be hard to tell, and it’s okay to be a bit suspicious, especially when it comes to fraud.