A new Ponemon Institute report found that 51% of organizations have experienced a data breach caused by a third-party.
SecureLink, a leader in third-party remote access, and Ponemon Institute have released a new report titled “A Crisis in Third-party Remote Access Security”, revealing the alarming disconnect between an organization’s perceived third-party access threat and the security measures it employees.
Findings revealed that organizations are not taking the necessary steps to reduce third-party remote access risk, and are exposing their networks to security and non-compliance risks. As a result, 44% of organizations have experienced a breach within the last 12 months, with 74% saying it was the result of giving too much privileged access to third-parties.
While many businesses continue to outsource critical business processes to third-parties, over half of respondents (51%) say their organizations are not assessing the security and privacy practices of all third-parties before granting them access to sensitive and confidential information. The report highlighted that while many organizations view third-party remote access as a security threat, it is not a priority — even despite the increasing volume and sophistication of cyberattacks happening around them.
If an organization takes a “fingers crossed” approach to third-party risk management then it’s most certainly not a question of “if,” but “when” and “how” and “how much”. Signed contracts, strong reputations, and compliance checklists are important starting points in protecting third-party relationships. But they’re just not enough – especially at a time when hacker activity is surging thanks to new remote ways of working.
The goal of this report is to arm senior decision-makers with information about the third-party remote access landscape so that they can stay ahead of the threats that are inevitably coming. And it’s to help them understand that the issue isn’t just about protecting a single organizations’ data but safeguarding data belonging to customers, partners, and entire communities.
The study was conducted by Ponemon Institute on behalf of SecureLink and includes responses from 627 individuals who are involved in their organization’s approach to managing remote third-party data risks. Respondents are based in North America, spanning six industries, including financial services, health and pharma, public sector, services, and industrial and manufacturing.
Read SecureLink’s full report, A Crisis in Third Party Remote Access Security.
VentureBeat’s mission is to be a digital town square for technical decision-makers to gain knowledge about transformative technology and transact. Our site delivers essential information on data technologies and strategies to guide you as you lead your organizations. We invite you to become a member of our community, to access:
- up-to-date information on the subjects of interest to you
- our newsletters
- gated thought-leader content and discounted access to our prized events, such as Transform 2021: Learn More
- networking features, and more