Search form


3 ways to reduce supply chain cyber risk

15 June 2022 | 3 minute read

Roland Thomas

Corporate Development Manager

In a perfect storm of inflation, war and a pandemic, organisations are facing unprecedented pressure on their supply chains. Amid the crisis, supply chain cyber risks cannot be ignored.

According to the Ponemon Institute, 60% of data breaches are caused by a company's suppliers and other third parties*; 58% of breaches target client data**. The conclusion? Never trust a company with your data without assessing their security first.

As a global organisation, we speak to hundreds of companies who use service providers to remain efficient and competitive.

Cyber risk should be treated like AML and KYC checks – you would never expose your company to terrorist financing or sanctioned individuals, so why would you open yourself up to companies with inadequate security?

Here are 3 ways every company can monitor their providers:

  1. Due diligence
    IT Security Questionnaires are essential for understanding your providers’ controls, procedures, certification and history.
  2. Threat Intelligence
    Many companies are now using threat intelligence to enhance their oversight with continuous monitoring of suppliers’ vulnerabilities, breaches and other issues that could provide entry points to malicious actors.
  3. Escalation
    Sometimes monitoring is not enough. Where you encounter a high-risk organisation, you should act quickly to find out more, share intelligence and require them to build security. Where suppliers do not engage, you may need to terminate the relationship and avoid a potentially catastrophic security breach.

Thomas Murray’s risk platform includes due diligence and threat intelligence tools, so you can efficiently monitor your providers and build a secure network.

Robert Smith

Head of SaaS Sales and Customer Success

Contact our experts

Contact me for your free security rating, discuss your requirements or find out more about the Cyber Risk tool.

Book a demo

Want to see the tool in action? Book a demo and a member of our team will guide you through the platform and demonstrate how our tool can help you!

*Ponemon Institute & IBM, 2021
**ENISA, 2021

Recommend to read

Thomas Murray - News

25/07/2022 15:26

Cyber risk

Fund managers should not get caught out thinking they are a low-priority target: here’s how to identify risks and build resilience, to protect investor data and assets.

Thomas Murray - News

08/07/2022 13:09

Cyber risk

Philadelphia, PA June 7, 2022—The Business Intelligence Group today announced that Thomas Murray Cyber Risk has won the 2022 Fortress Cyber Security Awards in the Threat Detection category.

Thomas Murray - News

01/07/2022 08:32

Cyber risk

50% of cyber-attacks originate through a third party, but Network Management teams are not doing enough to protect their banks from high-risk providers.

Thomas Murray - News

29/06/2022 09:49

Cyber risk

Thomas Murray attended for the first time the InfoSecurity Europe 2022 event at the ExCel London on the 21st – 23rd June