Help Net Security has written an article covering a recently released study by SecurityScorecard and the Cyentia Institute on supply chain/third and fourth party risk. The report found that 98 percent of organizations have hired a vendor that has experienced a data breach in the last two years and that 50 percent of organizations have hired a third party that depends on a vendor that has experienced a data breach in the last two years. Compared to the primary organizations surveyed, third parties were found to be five times more likely to demonstrate poor security. This statistic only underscores the increasingly interdependent nature of business supply chains, expanding the attack surface an organization is responsible for if it wants to understand the cyber risk it is facing. A recent article, Expanding Our Supply Chain Risk Management Beyond Data thoughtfully expounds on these and other supply chain concerns and offers solutions for organizations to encourage vendors and partners to increase their security through a variety of best practices. Read more at Help Net Security.
H2Oex: In Person 1 day event/exercise. Thurs Dec 5th. Washington DC. Join us!