Businesses are losing confidence in third-party suppliers as a direct result of the increasing number of IT security incidents that they cause.
As the average cost of such an incident for enterprise exceeds $3 million, a recent Kaspersky Lab survey shows that over a third of companies do not trust their suppliers, with the figure for 2015 standing at 37 per cent - up four percentage points on the previous year (33 per cent).
The security specialist firm suggests that this trend is the same for small and medium businesses as well as large corporations with the principal reason for this loss of faith in suppliers deriving from the fact that they were to blame for 18 percent of cyber incidents in 2015.
“In order to avoid damages and to ensure secure communication with suppliers, a comprehensive multi-layered approach is required,” says Konstantin Voronkov, Head of Endpoint Product Management, Kaspersky Lab.
“The first thing to do is to delineate access rights to different areas of the corporate network for different employees.
“This will help restrict a supplier’s access to the company’s resources. Be sure to find out the details of the supplier’s IT security system and implement rules of interaction that are based not only on efficiency and flexibility but also on security.”
Voronkov says incidents involving third-party suppliers are no less dangerous for businesses than direct cyber-attacks on a company’s infrastructure.
In both cases, the cost of eliminating the consequences is equally high: cyber incidents involving suppliers cost small and medium businesses $67,000 on average, while the figure for large corporations is $3.27 million.