Third parties remain responsible for a large number of high profile cyber attacks including the US Office of Personnel Management, Target, Sony, US IRS, Costco and O2, amongst others.

With the ever-increasing dependency on outsourcing, it is imperative for businesses to manage risks posed by third parties. Leaving the backdoor unlocked is simply not an option. 

Managing the Risks posed by the Supply Chain

Just as a burgler would rather enter a house through an unlocked door, so do cybercriminals prefer the easiest route to a successful attack.  The weakest link in the chain, the easy route, is the third party. 

Some third parties that could pose a risk to your organisation are:

• Web hosting providers.
• Data centres.
• Web and application development companies.
• Payment providers and gateways.
• Call centres.
• Customer service centres.
• IT service outsourcers.
• Managed service providers.
• Auditors.
• HR outsourcers.

All of the above can be high valuable targets as they may hold customer/employee data, intellectual property or credit card data, the theft or distriction of which can cause an organisation significant pain both financially and to the reputation of the business.

Incluzion Business Solutions can support your organisation to establish and implement processes to reduce your supply chain risk by:

• Reviewing and improving supplier risk management processes and frameworks.
• Reviewing and improving operational information security controls.
• Assessing a supplier’s baseline security posture.
• Reviewing and improving response in depth controls.