Wednesday 17 June 2015

UK firms failing to assess cyber threats, study shows

Nearly 70% of UK firms do not assess the suppliers and/or customers they trade with for cyber risk, a survey has revealed

Many UK firms are failing to adequately assess customers and trading partners for cyber risk, a study has revealed.

As a result of this failure, businesses are making themselves more vulnerable to cyber attacks, according to the report by insurance broker and risk management firm Marsh, which polled risk managers and chief financial officers from more than 100 large and medium-sized UK firms.

The firm’s cyber risk survey found nearly 70% of respondents do not assess the suppliers and/or customers they trade with for cyber risk.

More than half of respondents also said their organisations have not been asked by their bank and/or customers to demonstrate a competent standard of IT security practice as a condition of doing business with them.

Stephen Wares, Marsh’s cyber risk practice leader in Europe, said more work needs to be done to consider cyber security as a business issue, as opposed to a technical problem, if organisations are to reduce the threats from cyber attacks.

“This is especially true for larger organisations, which attract highly motivated and sophisticated hackers that might identify smaller business partners that are typically less well protected as the ‘back door’ into their IT systems,” he said.

Organisations should include supply chain security as part of their strategy to reduce the risk of data breaches, an expert panel told attendees of Infosecurity Europe 2015 in London.

Information security weaknesses at suppliers have been responsible for several high-profile breaches in recent years, including malware-laced phishing emails sent via an air-conditioning supplier to US retailer Target in 2013.

View the original content and more from this author here: http://ift.tt/1Bko1HX



from critical infrastructure alliance http://ift.tt/1JUqQ5m