Security News > 2023 > February > 50% of organizations have indirect relationships with 200+ breached fourth-party vendors

50% of organizations have indirect relationships with 200+ breached fourth-party vendors
2023-02-02 04:00

The study also found that 50 percent of organizations have indirect relationships with at least 200 breached fourth-party vendors in the last two years.

The study, which analyzed data from over 235,000 organizations across the globe and more than 73,000 vendors and products used by them directly or used by their vendors, offers an in-depth examination of how the interdependence of modern digital supply chains impacts organizational cyber risk exposure.

For every third-party vendor in their supply chain, organizations typically have indirect relationships with 60 to 90 times that number of fourth-party relationships.

The healthcare sector averaged 15.5 vendors per organization and the Insurance sector averaged 11 vendors.

While examining the regional dimension of third-party relationships, SecurityScorecard found that 59% of organizations have vendors from five or fewer countries, while roughly 14% work with vendors spanning 10 or more countries.

"By having full visibility into the security posture of their third and fourth parties, organizations can work with their vendors to address any cybersecurity gaps they may have in their infrastructure and, in turn, reduce their own level of cyber risk," said Wade Baker, partner at The Cyentia Institute.


News URL

https://www.helpnetsecurity.com/2023/02/02/relationships-breached-fourth-party-vendors/