When it comes to building a security program, one of the most frequently overlooked areas is that of vendor management. Organisations may focus significant resources on internal security, such as vulnerability scans, centralized log management, or user training, while not extending the same diligence towards their third-parties. Therefore, organisations end up trusting the security of their network and data to an unknown and untested third-party.

About the author

Zachary Curley, Consultant at AT&T Cybersecurity.

If an organisation cannot verify the security of its third-parties, then it has introduced the potential for risk and reduced the integrity of their system. Because a chain is only as strong as its weakest link, it is essential to realize that even if the cause of a breach is due to a third-party, it is still your company’s name and brand at risk. What’s more, other potential costs associated with a data breach can include fines, loss of trust, data loss and brand damage.

Risks posed by poor vendor management

Source link


Please enter your comment!
Please enter your name here