In a perfect storm of inflation, war and a pandemic, organisations are facing unprecedented pressure on their supply chains. Amid the crisis, supply chain cyber risks cannot be ignored.
According to the Ponemon Institute, 60% of data breaches are caused by a company's suppliers and other third parties*; 58% of breaches target client data**. The conclusion? Never trust a company with your data without assessing their security first.
As a global organisation, we speak to hundreds of companies who use service providers to remain efficient and competitive.
Cyber risk should be treated like AML and KYC checks – you would never expose your company to terrorist financing or sanctioned individuals, so why would you open yourself up to companies with inadequate security?
Here are 3 ways every company can monitor their providers:
- Due diligence
IT Security Questionnaires are essential for understanding your providers’ controls, procedures, certification and history.
- Threat Intelligence
Many companies are now using threat intelligence to enhance their oversight with continuous monitoring of suppliers’ vulnerabilities, breaches and other issues that could provide entry points to malicious actors.
Sometimes monitoring is not enough. Where you encounter a high-risk organisation, you should act quickly to find out more, share intelligence and require them to build security. Where suppliers do not engage, you may need to terminate the relationship and avoid a potentially catastrophic security breach.
Thomas Murray’s risk platform includes due diligence and threat intelligence tools, so you can efficiently monitor your providers and build a secure network.
*Ponemon Institute & IBM, 2021
**ENISA, 2021