37 views 44 secs 0 comments

The problem with third-party breaches – a data protection dilemma

In Vendor News, Commentaries and Analyses
October 10, 2024

Commentary by Clyde Williamson, Security Architect at Protegrity.

There has been a notable increase in third-party breaches, with headlines featuring Snowflake, Santander and Ticketmaster as recent victims. These incidents highlight that vulnerabilities are inherent in our systems, making no organisation immune to such attacks.

Unsurprisingly, 98% of organisations have experienced a third-party breach within the past two years. These breaches can expose critical data, resulting in severe financial and reputational damage. To mitigate these risks and protect organisational assets, it is essential that organisations thoughtfully consider new strategies to defend against third-party breaches and protect our data.

[…]

Third-party vendors are invaluable to any business but also introduce significant risks. Supply chain attacks, in particular, are on the rise, with 62% of network intrusions originating from a third party, often someone within your supply chain. The most alarming aspect of these breaches is their considerable impact.

Organisations have experienced significant disruptions from third-party cyber incidents, with 73% reporting at least one major incident. A notable example is the 2020 SolarWinds breach, where a sophisticated malware program was inserted into its software updates. SolarWinds, which managed numerous companies’ credentials, became an ideal target for a widespread attack.

Read more at Electronic Payments International.