Businesses are losing confidence in third-party suppliers due to the increasing number of IT security incidents they cause, with the average cost of such an incident for enterprises exceeding $3-million.
This is according to a new survey conducted by Kaspersky Lab and B2B International which shows that over a third of companies do not trust their suppliers, with the figure for 2015 standing at 37% – up four percentage points on the previous year (33%). This trend is the same for small and medium businesses as well as large corporations. The principal reason for this loss of faith in suppliers is the fact that they were to blame for 18% of cyber incidents in 2015.
Incidents involving third-party suppliers are no less dangerous for businesses than direct cyber-attacks on a company’s infrastructure. In both cases, the cost of eliminating the consequences is equally high: cyber incidents involving suppliers cost small and medium businesses $67000 on average, while the figure for large corporations is $3,27-million.
“In order to avoid damages and to ensure secure communication with suppliers, a comprehensive multi-layered approach is required,” says Konstantin Voronkov, head of Endpoint Product Management at Kaspersky Lab. “The first thing to do is to delineate access rights to different areas of the corporate network for different employees. This will help restrict a supplier’s access to the company’s resources. Be sure to find out the details of the supplier’s IT security system and implement rules of interaction that are based not only on efficiency and flexibility but also on security.”