Security News > 2021 > August > Reliance on third party workers making companies more vulnerable to cyberattacks

Reliance on third party workers making companies more vulnerable to cyberattacks
2021-08-16 04:00

A survey from SecZetta revealed 83% of respondents agree that because organizations increasingly rely on contractors, freelancers, and other third party workers, their data systems have become more vulnerable to cyberattacks.

According to recent data from the Ponemon Institute, 51% of breaches are caused by a third party,​​ and more than half of respondents admit their organizations are not evaluating the security and privacy practices of these third party non-employees before granting them access to sensitive and confidential information and systems.

People believe reliance on third party workers increases the risk of cyberattacks 83% of people cite increased reliance on third party workers as catalyst for surge in data breaches.

"The results of the survey clearly demonstrate heightened awareness of cybercrime across the general public who identify increased reliance on third party workers as a leading cause of the surge in data breaches," said Pignolet.

"Given that many enterprise organizations provide access to significantly more third party workers, including their supply chains, than full-time employees, it's imperative they adopt comprehensive third party identity risk management solutions to not just protect themselves and their assets, but safeguard customers from financial loss, the exposure of personally identifiable information, and the downstream effects of disruption to our country's infrastructure. This includes the food supply chain, utilities, and even our national security."

For organizations looking to make changes to their third party identity risk security measures, there are steps they can implement today including: properly identifying who each third party is and the sensitive data to which they have access; conducting regular user audits to ensure third parties have access based on the least amount of privilege necessary to do their jobs; extending zero trust programs to third party non-employees; and conducting continuous risk ratings of the individuals working within a third party vendor or partner, not just the organization as a whole.


News URL

http://feedproxy.google.com/~r/HelpNetSecurity/~3/mKz7rPM9Tm0/