The importance of third-party supply chain cybersecurity has become increasingly apparent over the past few years. The recent well-publicized incident at SolarWinds, an IT service provider, is the latest example of a supply chain attack, where the intended victim is not the organization itself, but rather its customers and business partners. Over the past year, the cyber “attack surface” and the amount of sensitive data to which third-party vendors have access has increased due to the large uptick in remote working because of the COVID-19 pandemic. In response to a recent survey by the Ponemon Institute of 581 IT security professionals and 302 C-suite executives, 58% of respondents said that, despite the increased risk, their organizations do not have a third-party cyber risk management program. Ponemon Institute, Digital Transformation & Cyber Risk: What You Need To Know To Stay Safe (2020).
Attacks on third-party vendors have risen in number and severity. 2020 saw a 430% increase in attacks on third-party supply chains. Cyber Attacks: Better Vendor Risk Management Practices in 2021, Shared Assessments (Dec. 18, 2020). Ransomware attacks in particular have seen the most growth, increasing by 715%. BitDefender, Mid-Year Threat Landscape Report 2020 (2020).
This content has been archived. It is available through our partners, LexisNexis® and Bloomberg Law.
To view this content, please continue to their sites.
Not a Lexis Subscriber?
Subscribe Now
Not a Bloomberg Law Subscriber?
Subscribe Now
LexisNexis® and Bloomberg Law are third party online distributors of the broad collection of current and archived versions of ALM's legal news publications. LexisNexis® and Bloomberg Law customers are able to access and use ALM's content, including content from the National Law Journal, The American Lawyer, Legaltech News, The New York Law Journal, and Corporate Counsel, as well as other sources of legal information.
For questions call 1-877-256-2472 or contact us at [email protected]
