What’s the connection between avocados, 3rd-party risk, and an infosec summit? Read the Datum Security team's thoughts as they return to the office after attending ISSA-LA Summit 8.
The hidden security risk inside the IT infrastructures of unassessed third parties, suppliers and vendors poses a serious challenge for many companies. In this post, we look at the top elements of third party-risk, explore their value, and understand how they can be used as part of your vendor lifecycle management program as a means to mitigate risk across your overall vendor landscape.
A recent KPMG report shows that nearly half of healthcare organizations surveyed rely on trust when it comes to sharing data with their third-party healthcare business partners. More specifically, only 35% claim to have a solution in place to properly manage third-party vendor security risks.
"Once again, the higher average cost for organizations with fewer seats reinforces that smaller companies are less prepared for an attack,” said Harry Wan, in response to the Ponemon Cyber Crime Report.
The JP Morgan Chase breach compromised 76 million households and about 7 million small businesses. While there is a small chance that there is no link, it is much more likely that a third party vendor was used as a stepping stone to this larger target.
Cottage Health filed a claim of more than $4 million....but it was denied by the insurer, Columbia Casualty. Columbia Casualty denied the claim alleging that Cottage's third party vendor, INSYNC Computer Solutions, Inc., failed to follow "minimum required practices."