Third-party suppliers are to be blamed for 18 percent of cyber-security incidents according to a recent survey conducted by Kaspersky Lab.
Through the survey, the security company found that the average cost of third-party supplier cyber-crime incidents was more than US$3 million for enterprises.
Results showed more than a third of companies do not trust their suppliers, with a climb in the figures from 33 percent last year up to 37 percent in 2015. Kaspersky said the trend was the same for SMB as well as large corporations.
The survey also indicated that security incidents involving third-party supplies are no less dangerous for businesses than direct cyber-attacks on a company's infrastructure. According to Kaspersky, in both cases, the cost of amends is equally high. For SMBs, the company found the average cost to be $67,000, while the figure for large corporations was $3.27 million.
"In order to avoid damages and to ensure secure communication with suppliers, a comprehensive multi-layered approach is required. The first thing to do is to delineate access rights to different areas of the corporate network for different employees," Kaspersky Lab head of endpoint product management, Konstantin Voronkov, said.
"This will help restrict a supplier's access to the company's resources. Be sure to find out the details of the supplier's IT security system and implement rules of interaction that are based not only on efficiency and flexibility but also on security," he added.
Source: ARN Australia
Sign up for Computerworld eNewsletters.