We are excited to bring Transform 2022 back in-person July 19 and virtually July 20 - 28. Join AI and data leaders for insightful talks and exciting networking opportunities. Register today!


A new Ponemon Institute report found that 51% of organizations have experienced a data breach caused by a third-party.

Above: Lifecycle of third-party remote access

Image Credit: SecureLink

SecureLink, a leader in third-party remote access, and Ponemon Institute have released a new report titled “A Crisis in Third-party Remote Access Security”, revealing the alarming disconnect between an organization’s perceived third-party access threat and the security measures it employees.

Findings revealed that organizations are not taking the necessary steps to reduce third-party remote access risk, and are exposing their networks to security and non-compliance risks. As a result, 44% of organizations have experienced a breach within the last 12 months, with 74% saying it was the result of giving too much privileged access to third-parties.

While many businesses continue to outsource critical business processes to third-parties, over half of respondents (51%) say their organizations are not assessing the security and privacy practices of all third-parties before granting them access to sensitive and confidential information. The report highlighted that while many organizations view third-party remote access as a security threat, it is not a priority — even despite the increasing volume and sophistication of cyberattacks happening around them.

If an organization takes a “fingers crossed” approach to third-party risk management then it’s most certainly not a question of “if,” but “when” and “how” and “how much”. Signed contracts, strong reputations, and compliance checklists are important starting points in protecting third-party relationships. But they’re just not enough – especially at a time when hacker activity is surging thanks to new remote ways of working.

The goal of this report is to arm senior decision-makers with information about the third-party remote access landscape so that they can stay ahead of the threats that are inevitably coming. And it’s to help them understand that the issue isn’t just about protecting a single organizations’ data but safeguarding data belonging to customers, partners, and entire communities.

The study was conducted by Ponemon Institute on behalf of SecureLink and includes responses from 627 individuals who are involved in their organization’s approach to managing remote third-party data risks. Respondents are based in North America, spanning six industries, including financial services, health and pharma, public sector, services, and industrial and manufacturing.

Read SecureLink’s full report, A Crisis in Third Party Remote Access Security.

VentureBeat's mission is to be a digital town square for technical decision-makers to gain knowledge about transformative enterprise technology and transact. Learn more about membership.

Author
Topics