Why organizations should be concerned with their vendor’s cyber security standards

While it is important to maintain a high level of cyber security for your organization to protect your customer’s data, it is equally as important to ensure the vendors you are doing business with are demonstrating the same commitment to security. A recent article provides some of the threats associated with third-party hacks and how to prevent the negative consequences that come with these breaches.

According to a survey conducted by the Ponemon Institute, more than half of the organizations who experienced a data breach resulted from vendor breaches. However, only 35 percent of organizations had documented specifically which third parties they were sharing sensitive information with, and only 18 percent knew if those vendors were in turn sharing that same information with other parties.

The reason these statistics are alarming is because customers do not care how their data was stolen. They care about who they trusted their information with in the first place. Therefore, organizations who don’t know with whom their data is being shared with or are not sure about the cyber security standards of their vendors are putting themselves at risk of not only being breached but also risk being sued by their clients.

Organizations can protect themselves from supply chain breaches by evaluating the cyber security policies of their vendors and ensuring that they are performing self-assessments and purchasing cyber insurance. They can also audit their vendors by performing penetration tests, which check to see where data is being held and how well protected it is.

As a company who works with smaller businesses and organizations, PerusITy understands the importance of data security across all vendors and is always happy to answer any questions you may have related to cyber security. If you have any questions or concerns, give us a call at 571-370-5777 or send us an email at sales@perusITy.com.