Third party risk is biggest enterprise cyber threat
As supply chains become more integrated and businesses rely more on using the cloud, so the risk that they face also increases.
A new study commissioned by vendor monitoring company RiskRecon and conducted by the Cyentia Institute shows that 84 percent of organizations host critical or sensitive assets with third parties.
A typical firm has 22 internet-facing hosts, but some maintain over 100,000 and 65 percent of hosts sit on infrastructure owned by an external entity. 27 percent of firms host assets with at least 10 external providers. 32 percent of organizations host their data in foreign countries.
"Your risk surface is anywhere your ability operate, your reputation, your assets, your legal obligations, or your regulatory compliance is at risk," says Kelly White, RiskRecon's CEO and co-founder. "The digital transformation has moved the enterprise risk surface well beyond the internal enterprise network, with 65 percent of all enterprise internet-facing systems hosted with third-party providers. The data show that enterprises are not keeping up, with the security of internally hosted systems being much better managed than third-party hosted systems. This dilemma has now become critical because organizations are failing to understand how to manage their entire risk surface based on the volume of external digital exposure they face."
The finance industry has the lowest rate of severe vulnerabilities at 3.2 percent, while the public admin and education sectors have a 60 percent higher rate of critical vulnerabilities than finance.
You can find out more about the results on the RiskRecon blog.
Photo Credit: fotogestoeber/Shutterstock