Who’s next? Data breaches seem to be a dime a dozen these days and security professionals don’t speculate “if” they will be hacked, but rather “when” they will be compromised. It’s inevitable. Hackers continue to find new ways to infiltrate an organization’s network, stealing private employee data and sensitive technical information.
This month, tens of thousands of unprotected documents were found on the internet, many from nearly all the largest auto manufacturers. According to the New York Times article, ‘Big Red Flag’: Automakers’ Trade Secrets Exposed in Data Leak, “the inadvertent exposure of customers’ data illustrates a problem confounding businesses: Some of their biggest security risks come from their suppliers and contractors.”
Urgent action is required to address the threats posed by third parties. According to Bomgar’s 2018 Privilege Access Health Report, “66% of respondents think it’s possible or definite they have suffered a breach through third-party access.” Every company who chooses to outsource services must carefully assess and continuously monitor those third parties to ensure that substantive IT security and data protection controls are in place. In some industries such as Financial Services and Healthcare, meeting regulatory requirements and compliance obligations include third party assessments. For those industries without these controls, this latest breach reinforces the need for proper vendor due diligence.
Prevalent helps companies manage third party risk. It is the industry’s only unified platform that integrates a powerful combination of automated risk-tiered assessments, continuous monitoring, and evidence sharing for collaboration between companies and their vendors. Prevalent’s actionable intelligence provides the most comprehensive view of vendor risk, creating maximum efficiency for all Third Party Risk Management programs.
Sara Muckstadt is a Product Marketing Manager at Prevalent, Inc.
The recent Ryuk ransomware attack targeted hospitals at a time when they couldn’t afford distractions. Here’s...
GE has disclosed a data breach originating at one of its third-party service providers.
When Marriott acquired Starwood in 2016, the company inherited a compromised reservation system platform that resulted...