Presented by Dynatrace


In today’s digital landscape, organizations are increasingly turning to third-party vendors to enhance efficiency and tap into specialized services. Yet, this symbiotic relationship comes with a hidden cost: the third-party security dilemma. As businesses outsource critical functions, they inadvertently expose themselves to cyber threats with potential repercussions that extend well beyond their own walls.

The risks in resilience

The convenience offered by third-party technology providers has led organizations to heavily depend on these sources for essential software and services. While this dependence is advantageous in numerous respects, it can also ensnare organizations in a web of vulnerabilities. As reliance intensifies, so does the risk of exploitation, with vendors potentially compromising security.

The complexity of this issue is magnified by the shared nature of the risk. A cybersecurity breach at a vendor’s end not only jeopardizes their security but also places the client company’s data in peril. The deeper the integration, the higher the stakes, transforming trust into a potential liability.

A case in point is the 2020 SolarWinds incident where cybercriminals infiltrated the supply chain of the network management software giant. The attackers engineered a backdoor into SolarWinds’ offerings, gaining access to the networks of both private entities and government bodies. The breach led to the U.S. Securities and Exchange Commission accusing SolarWinds and its Chief Information Security Officer of fraud, alleging the firm exaggerated its cybersecurity measures while downplaying known vulnerabilities.

The hacker’s playground: A cautionary tale

Third-party vendors, by processing and storing data for many clients, inadvertently become prime targets for cybercriminals. Post-SolarWinds, a Dynatrace study indicates that 64% of organizations have adopted third-party risk management (TPRM) practices, establishing stringent security protocols and contractual agreements with vendors. The vast repositories of sensitive data held by vendors, be it financial records, credit card numbers, or social security details, mark them as lucrative targets for hackers.

However, a survey from Deloitte discloses a troubling reality: 87% of respondents have faced a disruptive incident with third parties in the past three years, with nearly a third (28%) experiencing major disruption to all business functions as a result [1]. Additionally, less than half (43%) of Chief Information Security Officers (CISOs) have intensified their oversight over vendors’ software development and testing processes to ensure secure coding and consistent patching. Without proper checks, these ‘trusted’ partners may inadvertently become conduits for hackers, transforming systems and networks into arenas for criminal activities.

Navigating the security maze

To counter these risks, organizations must gain a comprehensive understanding of their data’s location, movement and security within the vendor ecosystem. Awareness of data flow is the initial step in mastering the maze of third-party security. Vigilance in managing multiple vendors is imperative. Consistent evaluations, audits and transparent communication are crucial to confirm that vendors are fulfilling their security obligations.

In the intricate domain of cybersecurity, Software Bills of Materials (SBOMs) emerge as an artifact that can mitigate risk. SBOMs, by cataloging every software component, aim to provide clarity into the software supply chain, which is crucial for pinpointing and rectifying vulnerabilities preemptively. Moreover, SBOMs can support response and recovery during security incidents, allowing organizations to identify and address compromised elements promptly. In our interlinked digital world, embracing SBOMs is vital for organizations to fortify their security frameworks, adeptly manage third-party risks, and protect their operations from the dynamic spectrum of cyber threats.

Alarmingly, despite SBOMs’ potential in bolstering cybersecurity, only 19% of CISOs have integrated third-party SBOMs into their risk management paradigms. This is not surprising, since SBOMs don’t take runtime context into account and contain a lot of noise, cataloguing components and vulnerabilities that are not actually in use. With visibility into what is running in application runtimes, security teams can take the proactive stance in third-party risk management essential to lessen the fallout from cyberattacks, as demonstrated by the SolarWinds debacle, and to establish defense against impending threats.
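An added example of the runtime filtering described above (not Dynatrace's code or any product's): it parses a constructed, minimal CycloneDX-style SBOM, joins it with a constructed advisory feed (placeholder advisory ids, not real CVEs) and a constructed set of components observed loaded at runtime, and ranks findings so that vulnerable components actually in use come first. All package names, versions and scores are hypothetical.

```python
import json

# Constructed, minimal CycloneDX-style SBOM for a hypothetical service; names and versions are invented.
SBOM_JSON = """{
  "bomFormat": "CycloneDX", "specVersion": "1.5",
  "components": [
    {"name": "json-parser", "version": "2.9.8", "purl": "pkg:maven/example/json-parser@2.9.8"},
    {"name": "log-shim", "version": "1.2.0", "purl": "pkg:maven/example/log-shim@1.2.0"},
    {"name": "image-tools", "version": "0.4.1", "purl": "pkg:maven/example/image-tools@0.4.1"}
  ]
}"""

# Constructed advisory feed: purl -> (placeholder advisory id, CVSS-style base score). Not real CVEs.
ADVISORIES = {
    "pkg:maven/example/json-parser@2.9.8": ("ADV-PLACEHOLDER-1", 9.8),
    "pkg:maven/example/image-tools@0.4.1": ("ADV-PLACEHOLDER-2", 7.5),
}

# Constructed runtime observation: purls of components the running process actually loaded.
RUNTIME_LOADED = {
    "pkg:maven/example/json-parser@2.9.8",
    "pkg:maven/example/log-shim@1.2.0",
}

def sbom_purls(sbom_json):
    """Return the purl of every component listed in a CycloneDX JSON document."""
    return [c["purl"] for c in json.loads(sbom_json).get("components", [])]

def prioritize(sbom_json, advisories, runtime_loaded):
    """Join the SBOM inventory with advisories and runtime usage.
    Findings are sorted so vulnerable components that are actually loaded come
    first (highest score first); vulnerable-but-never-loaded entries are the
    'noise' an SBOM alone cannot distinguish and sort to the end."""
    findings = []
    for purl in sbom_purls(sbom_json):
        if purl not in advisories:
            continue  # inventoried component with no known advisory: nothing to act on
        adv_id, score = advisories[purl]
        findings.append({"purl": purl, "advisory": adv_id, "score": score,
                         "loaded": purl in runtime_loaded})
    findings.sort(key=lambda f: (not f["loaded"], -f["score"]))
    return findings

def unused_vulnerable(findings):
    """Purls that carry an advisory but were never loaded: candidates to remove rather than patch first."""
    return [f["purl"] for f in findings if not f["loaded"]]

if __name__ == "__main__":
    for f in prioritize(SBOM_JSON, ADVISORIES, RUNTIME_LOADED):
        print(("ACT NOW " if f["loaded"] else "backlog ") + f["purl"], f["advisory"], f["score"])
```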

Mitigating third-party risks through observability

An end-to-end observability platform is crucial for surmounting the challenges posed by third-party security vulnerabilities. It provides comprehensive visibility into the software ecosystem, empowering companies to detect and mitigate security threats effectively. Here’s an in-depth look at how it accomplishes this.

  • Visibility and dependency mapping: Observability platforms gather data across the application stack, encompassing infrastructure, services and APIs. They scrutinize third-party software as well as internal components, uncovering security exposures. Moreover, they generate a dependency map that visually outlines the interconnections between components, aiding organizations in pinpointing critical exposures and evaluating their security measures.

  • Anomaly detection and analysis: With real-time observability, organizations can swiftly identify atypical behaviors. Platforms powered by AI scrutinize patterns to establish a baseline for each service and alert on any deviation from it, such as a spike in login attempts.

  • Threat intelligence and remediation prioritization: Observability platforms can be integrated with threat intelligence feeds, allowing them to compare third-party services against known threats. They also rank exposures based on their potential impact and criticality, directing attention to the most critical areas.

  • Incident response and root cause analysis: In the event of a security incident, the platform helps analysts trace the issue to its origin, determining if a third-party vendor is implicated. It also expedites the incident response process by providing relevant context, enabling teams to quickly evaluate the repercussions on third-party services and act accordingly.
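An added example of the per-service baseline and spike alert described in the anomaly-detection bullet (example code, not Dynatrace's): it builds a robust baseline (median and median absolute deviation) from constructed per-minute login-attempt counts for two hypothetical services and flags samples that exceed it. Service names, counts and the threshold parameters are assumptions.

```python
from statistics import median

# Constructed per-minute login-attempt counts for two hypothetical services (not real telemetry).
# "auth-gateway" contains one minute with roughly ten times its normal volume.
LOGIN_COUNTS = {
    "auth-gateway": [41, 38, 45, 40, 39, 44, 42, 37, 43, 40, 39, 410, 42],
    "vendor-sso":   [5, 6, 4, 7, 5, 6, 5, 4, 6, 5, 7, 6, 5],
}

def baseline(series):
    """Robust baseline for one service: (median, median absolute deviation).
    Median/MAD are used instead of mean/stddev so the spike itself cannot
    inflate the baseline it is being compared against."""
    med = median(series)
    mad = median(abs(x - med) for x in series)
    return med, mad

def detect_spikes(counts_by_service, k=5.0, min_delta=10):
    """Return (service, sample_index, count) for every sample above median + max(k*MAD, min_delta).
    min_delta keeps low-volume services (where MAD is 0 or 1) from alerting on a handful of logins."""
    alerts = []
    for service, series in counts_by_service.items():
        med, mad = baseline(series)
        threshold = med + max(k * mad, min_delta)
        for i, count in enumerate(series):
            if count > threshold:
                alerts.append((service, i, count))
    return alerts

if __name__ == "__main__":
    for service, i, count in detect_spikes(LOGIN_COUNTS):
        print(f"ALERT {service}: {count} login attempts in minute {i}, baseline {baseline(LOGIN_COUNTS[service])}")
```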

By integrating real-time monitoring, threat detection and astute analysis, an end-to-end observability platform acts as a vigilant sentinel, safeguarding against the risks associated with third-party relationships and instilling confidence as organizations navigate the complex landscape of cybersecurity.

Amit Shah is Director of Product Marketing, Application Security at Dynatrace.

1. Deloitte, "Third party governance and risk management: Extended enterprise risk management survey 2019," https://www2.deloitte.com/global/en/pages/risk/articles/third-party-risk.html


Sponsored articles are content produced by a company that is either paying for the post or has a business relationship with VentureBeat, and they’re always clearly marked. For more information, contact sales@venturebeat.com