Pros Blame 3rd Parties For The Increase Of Security Incidents

More than half of the respondents to a CRA Business Intelligence survey (57%) say they were victims of an IT security incident related to a third-party partner in the past 24 months. (“Coding Javascript” by Christiaan Colen is marked with CC BY-SA 2.0.)

Respondents from CRA Business Intelligence’s recent Third-Party Risk Survey believe that third parties are increasingly the cause of IT security incidents — and some say they have been the primary source of attacks in the past two years.

As a result, organizations are now emphasizing third-party risk, and many are devoting more attention to risk management around third parties. Respondents say their increased depen­dency on vendors and other partners such as manufacturers, suppliers, and subcontractors, as well as increasingly complex supply chains, lack of visibility into third- and fourth-party partners, and the vast scope of data accessible to them, have vastly increased their exposure to attacks.

This trend, combined with a greater global presence, use of more diversified applications, programs, and cloud technologies, and the complexity and persistence of supply chain threats and threat actors are the catalysts for recognizing and addressing the risk exposure and potential liabilities from attacks and breaches origi­nating from third parties.

The CRA survey on cybersecurity attacks originating from third parties was based on an online survey conducted in November 2022 among 209 security and IT leaders and executives, security administrators, and compliance professionals in the U.S. from CRA’s Business Intelligence research panel. The following are the leading takeaways from the survey:

Read more

Explore the site

More from the blog

Latest News