A recent report has revealed a 297% increase in breaches caused by third-party suppliers, accounting for 25% of all reported breaches. This steep increase in third-party vendor-related breaches is unprecedented, and follows some widely publicised third-party breaches, such as the SolarWinds and Kaseya cyber attacks.
This increase brings attention to the need for organisations to be stringent in selecting vendors to work with, vetting those vendors' security systems and minimising the risk that the vendors' security vulnerabilities will impact your business's systems. While compliance certifications vary from industry to industry, ISO27001 and SOC-2 certifications are considered standard security certifications that demonstrate a company has strict controls in place to minimise security breaches.
Along with an increase in third-party-related breaches, the report also shared that more than half of all records breached in 2021 contained highly sensitive information, including birthdates and government-issued documentation information.
If you’re working with third-party vendors and their systems, it’s critical that you perform regular data backups and have a robust security infrastructure in place. Whether you’re a small business without dedicated IT staff or your growing organisation’s IT team is struggling with capacity challenges, our team of CREST-certified cybersecurity professionals are here to help. Contact us to learn more about getting ISO27001 certification, ISO27018 certification, SOC-2 certification or a cybersecurity audit to identify vulnerabilities in your system that could be exploited by a third-party-related hack.