{"id":15109,"date":"2015-10-21T18:00:44","date_gmt":"2015-10-21T18:00:44","guid":{"rendered":"https:\/\/kasperskydaily.com\/b2b\/?p=4671"},"modified":"2020-02-26T18:56:31","modified_gmt":"2020-02-26T16:56:31","slug":"third-party-confidence","status":"publish","type":"post","link":"https:\/\/www.kaspersky.co.za\/blog\/third-party-confidence\/15109\/","title":{"rendered":"&#8220;If I ever lose my faith in you&#8221;: businesses&#8217; confidence in third-party suppliers decreases"},"content":{"rendered":"<p>A <a href=\"https:\/\/www.kaspersky.com\/about\/news\/product\/2015\/Kaspersky-Lab-Survey-Shows-Businesses-Losing-Confidence-in-Suppliers\" target=\"_blank\" rel=\"noopener nofollow\">new survey<\/a> shows that businesses worldwide increasingly lose their faith in third-party suppliers. The reason? The increasing number of IT security incidents that they cause. The survey conducted by Kaspersky Lab and B2B International found that an average cost of a cyberincident that has occurred due to a third parties\u2019 fault exceeded $3 million for enterprise. For SMBs the average damage is around $67k.<\/p>\n<p>The recent survey showed that up to 37% of companies do not turst their suppliers (4% up compared to the previous year) because of third-party suppliers\u2019 cybersecurity failures and ensuing cyberincidents.<\/p>\n<p>The suppliers were to blame for 18% of cyber-incidents in 2015 so far.<\/p>\n<p><strong>Not unexpected<\/strong><\/p>\n<p>It\u2019s not exactly an unexpected finding. Large corporations have learnt (sometimes the hard way) the necessity of strong cyberdefenses; storming their front becomes too laborious a task for cybercriminals.\u00a0So they look for alternative ways to infiltrate the targeted networks and\/or retrieve data of interest.<\/p>\n<blockquote class=\"twitter-pullquote\"><p>\u201cIf I ever lose my faith in you\u201d: businesses\u2019 confidence in third-party suppliers decreases #protectmybiz<\/p><a href=\"https:\/\/twitter.com\/share?url=https%3A%2F%2Fkas.pr%2Fgy3h&amp;text=%26%238220%3BIf+I+ever+lose+my+faith+in+you%26%238221%3B%3A+businesses%26%238217%3B+confidence+in+third-party+suppliers+decreases+%23protectmybiz\" class=\"btn btn-twhite\" data-lang=\"en\" data-count=\"0\" target=\"_blank\" rel=\"noopener nofollow\">Tweet<\/a><\/blockquote>\n<p>Third party suppliers (and every large entity that has a large network of such satellites) are often smaller companies who tend to be less cautious about getting attacked \u2013 and about protecting themselves. So hackers may \u2013 and often do \u2013 use their infrastructure as leverage for a successful attack on the primary enterprise. Or they can simply gather pieces of the data they have interest in from the \u201csofter targets\u201d. There are APT campaigns targeting only SMBs in place already \u2013 check out <a href=\"https:\/\/business.kaspersky.com\/grabit-an-smb-targeting-spy-campaign\/4015\/\" target=\"_blank\" rel=\"noopener nofollow\">Grabit<\/a>, for instance.<\/p>\n<p>This may lead to dire ramifications both for the mainstay and its satellites, unless they take full responsibility for their own protection.<\/p>\n<p>Apparently, SMBs have this problem as well. It is highly recommended, of course, to find out the details of a supplier\u2019s cybersecurity practice, but in fact it may be difficult or outright impossible to do so.\u00a0The only guaranteed way for both SMBs and enterprises to protect themselves is to have a\u00a0properly installed defensive perimeter.<\/p>\n<blockquote class=\"twitter-pullquote\"><p>The suppliers were to blame for 18% of #cyberincidents in 2015 so far.<\/p><a href=\"https:\/\/twitter.com\/share?url=https%3A%2F%2Fkas.pr%2Fgy3h&amp;text=The+suppliers+were+to+blame+for+18%25+of+%23cyberincidents+in+2015+so+far.\" class=\"btn btn-twhite\" data-lang=\"en\" data-count=\"0\" target=\"_blank\" rel=\"noopener nofollow\">Tweet<\/a><\/blockquote>\n<p><strong>Deep echelon<\/strong><\/p>\n<p>A good defense is multilayered, or, as they say in the military, \u201cdeeply echeloned\u201d. Applied to IT, it means a properly segmented corporate network with delineated access to different portions so that only employees entitled to do so have access to specific data. Outsiders\u2019 access, in turn, should be heavily restricted (\u201cguest network\u201d) \u2013 so that nothing malicious slips through and gains access to anything important.<\/p>\n<p>Kaspersky Lab offers security solutions to protect all segments of the corporate network. For employees\u2019 mobile devices and virtual workstations we have developed special solutions such as <a href=\"https:\/\/www.kaspersky.com\/business-security\/mobile\" target=\"_blank\" rel=\"noopener nofollow\">Kaspersky Security for Mobile<\/a> and <a href=\"https:\/\/www.kaspersky.com\/business-security\/virtualization\" target=\"_blank\" rel=\"noopener nofollow\">Kaspersky Security for Virtualization<\/a>. In addition to our technological solutions, Kaspersky Lab provides <a href=\"http:\/\/media.kaspersky.com\/en\/business-security\/IS%20datasheets_EDUCATION.pdf?icid=en-GL:ent-content\" target=\"_blank\" rel=\"noopener nofollow\">training<\/a> on information security for employees, including how to minimize the risk of incidents when working with third-party suppliers.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>A new survey shows that businesses worldwide increasingly lose their faith in third-party suppliers. The reason? The increasing number of IT security incidents that they cause.<\/p>\n","protected":false},"author":209,"featured_media":15510,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"footnotes":""},"categories":[1999,3021],"tags":[282,2346,2347,2348],"class_list":{"0":"post-15109","1":"post","2":"type-post","3":"status-publish","4":"format-standard","5":"has-post-thumbnail","7":"category-business","8":"category-smb","9":"tag-cybersecurity","10":"tag-security-incidents","11":"tag-smbs","12":"tag-third-party-suppliers"},"hreflang":[{"hreflang":"en-za","url":"https:\/\/www.kaspersky.co.za\/blog\/third-party-confidence\/15109\/"},{"hreflang":"x-default","url":"https:\/\/www.kaspersky.com\/blog\/third-party-confidence\/15109\/"},{"hreflang":"en-au","url":"https:\/\/www.kaspersky.com.au\/blog\/third-party-confidence\/15109\/"}],"acf":[],"banners":"","maintag":{"url":"https:\/\/www.kaspersky.co.za\/blog\/tag\/cybersecurity\/","name":"Cybersecurity"},"_links":{"self":[{"href":"https:\/\/www.kaspersky.co.za\/blog\/wp-json\/wp\/v2\/posts\/15109","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.kaspersky.co.za\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.kaspersky.co.za\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.kaspersky.co.za\/blog\/wp-json\/wp\/v2\/users\/209"}],"replies":[{"embeddable":true,"href":"https:\/\/www.kaspersky.co.za\/blog\/wp-json\/wp\/v2\/comments?post=15109"}],"version-history":[{"count":3,"href":"https:\/\/www.kaspersky.co.za\/blog\/wp-json\/wp\/v2\/posts\/15109\/revisions"}],"predecessor-version":[{"id":26601,"href":"https:\/\/www.kaspersky.co.za\/blog\/wp-json\/wp\/v2\/posts\/15109\/revisions\/26601"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.kaspersky.co.za\/blog\/wp-json\/wp\/v2\/media\/15510"}],"wp:attachment":[{"href":"https:\/\/www.kaspersky.co.za\/blog\/wp-json\/wp\/v2\/media?parent=15109"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.kaspersky.co.za\/blog\/wp-json\/wp\/v2\/categories?post=15109"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.kaspersky.co.za\/blog\/wp-json\/wp\/v2\/tags?post=15109"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}